x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1688.480772][T16963] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1688.480772][T16963]    program syz-executor.2 not setting count and/or reply_len properly
08:00:22 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x0, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1688.870025][T16978] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1688.870025][T16978]    program syz-executor.1 not setting count and/or reply_len properly
08:00:23 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x0, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1689.442074][T16984] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1689.442074][T16984]    program syz-executor.1 not setting count and/or reply_len properly
08:00:23 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 2:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r1, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, 0x0)
setresuid(0x0, r2, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(0x0, r2, r3)
sendfile(r0, r1, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r7, 0xa)
pipe(&(0x7f0000000080)={<r8=>0xffffffffffffffff})
splice(r8, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r8, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r8, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:23 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:24 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:24 executing program 2:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r1, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, 0x0)
setresuid(0x0, r2, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(0x0, r2, r3)
sendfile(r0, r1, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r7, 0xa)
pipe(&(0x7f0000000080)={<r8=>0xffffffffffffffff})
splice(r8, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r8, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r8, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:24 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x0, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 2:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r1, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, 0x0)
setresuid(0x0, r2, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(0x0, r2, r3)
sendfile(r0, r1, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r7, 0xa)
pipe(&(0x7f0000000080)={<r8=>0xffffffffffffffff})
splice(r8, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r8, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r8, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 2:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r1, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r0, r1, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 2:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:25 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, 0x0, 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1692.029982][T17069] sg_write: 13 callbacks suppressed
[ 1692.030000][T17069] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1692.030000][T17069]    program syz-executor.2 not setting count and/or reply_len properly
08:00:26 executing program 2:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1692.259559][T17076] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1692.259559][T17076]    program syz-executor.5 not setting count and/or reply_len properly
08:00:26 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:26 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1692.553676][T17089] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1692.553676][T17089]    program syz-executor.1 not setting count and/or reply_len properly
[ 1692.592569][T17090] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
08:00:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1692.592569][T17090]    program syz-executor.2 not setting count and/or reply_len properly
08:00:26 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1692.701744][T17095] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1692.701744][T17095]    program syz-executor.4 not setting count and/or reply_len properly
[ 1692.881106][T17102] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1692.881106][T17102]    program syz-executor.3 not setting count and/or reply_len properly
08:00:27 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:27 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1693.262237][T17112] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1693.262237][T17112]    program syz-executor.2 not setting count and/or reply_len properly
08:00:27 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:27 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, 0x0, 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:27 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1693.814103][T17121] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1693.814103][T17121]    program syz-executor.2 not setting count and/or reply_len properly
08:00:28 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1693.930186][T17124] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1693.930186][T17124]    program syz-executor.5 not setting count and/or reply_len properly
[ 1693.941638][T17127] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1693.941638][T17127]    program syz-executor.1 not setting count and/or reply_len properly
08:00:28 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:28 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, 0x0, 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:29 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:30 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:30 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:31 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0xc0185500, &(0x7f0000000380)={0xb00, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

08:00:31 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:31 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1697.393695][T17234] sg_write: 14 callbacks suppressed
08:00:31 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1697.465742][T17234] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1697.465742][T17234]    program syz-executor.2 not setting count and/or reply_len properly
[ 1697.501122][T17237] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
08:00:31 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
pipe(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000ffe0, 0x0)
getresgid(&(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240))
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup(r1)
getuid()
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r1, 0x4000000000005)
dup3(0xffffffffffffffff, r1, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x2, 0x0)
write(r2, &(0x7f0000000040)="e0", 0xfffffe00)
ioctl$TIOCSETD(r2, 0x5437, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000140)=0x10000000, 0x4)

[ 1697.501122][T17237]    program syz-executor.4 not setting count and/or reply_len properly
08:00:31 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:31 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:31 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1697.861599][T17250] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1697.861599][T17250]    program syz-executor.3 not setting count and/or reply_len properly
[ 1697.947471][T17256] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1697.947471][T17256]    program syz-executor.1 not setting count and/or reply_len properly
[ 1698.031611][T17261] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1698.031611][T17261]    program syz-executor.2 not setting count and/or reply_len properly
[ 1698.086906][T17268] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1698.086906][T17268]    program syz-executor.4 not setting count and/or reply_len properly
08:00:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:32 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8008551c, &(0x7f0000000380)={0x0, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

08:00:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:32 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:32 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1699.116437][T17292] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1699.116437][T17292]    program syz-executor.3 not setting count and/or reply_len properly
08:00:33 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:33 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:33 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:33 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1699.531005][T17302] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1699.531005][T17302]    program syz-executor.1 not setting count and/or reply_len properly
08:00:33 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1699.638497][T17304] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1699.638497][T17304]    program syz-executor.2 not setting count and/or reply_len properly
08:00:33 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:33 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1700.156677][T17323] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1700.156677][T17323]    program syz-executor.4 not setting count and/or reply_len properly
08:00:34 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:34 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:34 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:34 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:34 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
r12 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:34 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:35 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:35 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:35 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:35 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:35 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:35 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:35 executing program 5:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:36 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:36 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:36 executing program 5:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:36 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1702.648565][T17390] sg_write: 7 callbacks suppressed
[ 1702.655196][T17390] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1702.655196][T17390]    program syz-executor.2 not setting count and/or reply_len properly
[ 1702.716547][T17391] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1702.716547][T17391]    program syz-executor.1 not setting count and/or reply_len properly
08:00:36 executing program 5:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:37 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:37 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:37 executing program 5:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:37 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1703.453645][T17414] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1703.453645][T17414]    program syz-executor.3 not setting count and/or reply_len properly
[ 1703.500939][T17415] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1703.500939][T17415]    program syz-executor.4 not setting count and/or reply_len properly
08:00:37 executing program 5:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:37 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:38 executing program 5:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:38 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:38 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1704.314678][T17437] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1704.314678][T17437]    program syz-executor.2 not setting count and/or reply_len properly
[ 1704.349752][T17438] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1704.349752][T17438]    program syz-executor.1 not setting count and/or reply_len properly
08:00:38 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:38 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:38 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:38 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:39 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1705.142575][T17456] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1705.142575][T17456]    program syz-executor.4 not setting count and/or reply_len properly
[ 1705.174145][T17457] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1705.174145][T17457]    program syz-executor.3 not setting count and/or reply_len properly
08:00:39 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:39 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:39 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:39 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:40 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:40 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1706.109988][T17478] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1706.109988][T17478]    program syz-executor.2 not setting count and/or reply_len properly
08:00:40 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1706.295279][T17484] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1706.295279][T17484]    program syz-executor.1 not setting count and/or reply_len properly
08:00:40 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:40 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:40 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:40 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:41 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:41 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:41 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:41 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1707.894885][T17523] sg_write: 2 callbacks suppressed
08:00:42 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1707.936620][T17523] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1707.936620][T17523]    program syz-executor.1 not setting count and/or reply_len properly
08:00:42 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1707.988465][T17528] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1707.988465][T17528]    program syz-executor.2 not setting count and/or reply_len properly
08:00:42 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1708.096834][T17535] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1708.096834][T17535]    program syz-executor.4 not setting count and/or reply_len properly
08:00:42 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1708.325306][T17544] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1708.325306][T17544]    program syz-executor.3 not setting count and/or reply_len properly
08:00:42 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

08:00:42 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:42 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

08:00:43 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:43 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:43 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
perf_event_open(0x0, r10, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:43 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

08:00:43 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1709.503279][T17568] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1709.503279][T17568]    program syz-executor.1 not setting count and/or reply_len properly
[ 1709.536279][T17569] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1709.536279][T17569]    program syz-executor.2 not setting count and/or reply_len properly
08:00:43 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:43 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1709.680419][T17578] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1709.680419][T17578]    program syz-executor.3 not setting count and/or reply_len properly
08:00:43 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1709.741917][T17579] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1709.741917][T17579]    program syz-executor.4 not setting count and/or reply_len properly
08:00:44 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:44 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
perf_event_open(0x0, r10, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1710.070178][T17594] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1710.070178][T17594]    program syz-executor.1 not setting count and/or reply_len properly
08:00:44 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:44 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:44 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1710.846491][T17609] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1710.846491][T17609]    program syz-executor.1 not setting count and/or reply_len properly
08:00:45 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:45 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:45 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:45 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
perf_event_open(0x0, r10, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:45 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:45 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:45 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x3, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:46 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:46 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x3, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

[ 1712.918716][T17676] sg_write: 7 callbacks suppressed
08:00:47 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1712.987378][T17676] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1712.987378][T17676]    program syz-executor.1 not setting count and/or reply_len properly
08:00:47 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x3, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

[ 1713.305563][T17684] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1713.305563][T17684]    program syz-executor.4 not setting count and/or reply_len properly
08:00:47 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:47 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x0, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:47 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:47 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1713.674969][T17697] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1713.674969][T17697]    program syz-executor.2 not setting count and/or reply_len properly
[ 1713.816258][T17701] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1713.816258][T17701]    program syz-executor.3 not setting count and/or reply_len properly
08:00:47 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x0, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:47 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:48 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:48 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x0, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:48 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1714.202210][T17714] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1714.202210][T17714]    program syz-executor.2 not setting count and/or reply_len properly
[ 1714.241173][T17713] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1714.241173][T17713]    program syz-executor.4 not setting count and/or reply_len properly
[ 1714.382591][T17724] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1714.382591][T17724]    program syz-executor.1 not setting count and/or reply_len properly
08:00:48 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:48 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:49 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:49 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:49 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1715.262099][T17746] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1715.262099][T17746]    program syz-executor.2 not setting count and/or reply_len properly
08:00:49 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1715.400931][T17750] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1715.400931][T17750]    program syz-executor.3 not setting count and/or reply_len properly
08:00:49 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:49 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:49 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1715.716163][T17763] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1715.716163][T17763]    program syz-executor.4 not setting count and/or reply_len properly
08:00:49 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:49 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:50 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:50 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:50 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:50 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:50 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:50 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:51 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, 0x0, 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:51 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:51 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:51 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:51 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, 0x0, 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:51 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:51 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, 0x0, 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:52 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:52 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:52 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1718.244341][T17837] sg_write: 7 callbacks suppressed
[ 1718.256194][T17838] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1718.256194][T17838]    program syz-executor.1 not setting count and/or reply_len properly
08:00:52 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

[ 1718.297579][T17837] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1718.297579][T17837]    program syz-executor.3 not setting count and/or reply_len properly
[ 1718.332576][T17844] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
08:00:52 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1718.332576][T17844]    program syz-executor.2 not setting count and/or reply_len properly
08:00:52 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

08:00:52 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1718.563773][T17854] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1718.563773][T17854]    program syz-executor.4 not setting count and/or reply_len properly
08:00:52 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:53 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:53 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:53 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:53 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:53 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:53 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:53 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1719.880653][T17881] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1719.880653][T17881]    program syz-executor.3 not setting count and/or reply_len properly
08:00:54 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:54 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x70)

[ 1720.019384][T17887] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1720.019384][T17887]    program syz-executor.2 not setting count and/or reply_len properly
[ 1720.041683][T17893] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1720.041683][T17893]    program syz-executor.1 not setting count and/or reply_len properly
08:00:54 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1720.302817][T17907] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1720.302817][T17907]    program syz-executor.4 not setting count and/or reply_len properly
08:00:54 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:54 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x70)

08:00:54 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1720.728187][T17918] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1720.728187][T17918]    program syz-executor.1 not setting count and/or reply_len properly
08:00:54 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x70)

08:00:55 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:55 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:55 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:55 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x70)

08:00:55 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1721.301839][T17936] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1721.301839][T17936]    program syz-executor.2 not setting count and/or reply_len properly
08:00:55 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:55 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x7, 0x5, 0x0, 0x0, 0xa}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x70)

08:00:56 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:56 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x80045515, &(0x7f0000000380)={0xc20, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

08:00:56 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:56 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:56 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:56 executing program 5:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x6)
setsockopt(r1, 0x0, 0x6, 0x0, 0x0)
io_setup(0x9, &(0x7f0000000240)=<r2=>0x0)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
io_submit(r2, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}])

08:00:56 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:57 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:57 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:57 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:57 executing program 5:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x6)
setsockopt(r1, 0x0, 0x6, 0x0, 0x0)
io_setup(0x9, &(0x7f0000000240)=<r2=>0x0)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
io_submit(r2, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}])

08:00:57 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1723.438178][T18003] sg_write: 6 callbacks suppressed
[ 1723.444339][T18003] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1723.444339][T18003]    program syz-executor.4 not setting count and/or reply_len properly
[ 1723.514535][T18007] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1723.514535][T18007]    program syz-executor.2 not setting count and/or reply_len properly
[ 1723.674051][T18015] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1723.674051][T18015]    program syz-executor.1 not setting count and/or reply_len properly
08:00:57 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:57 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'sit0\x00\x00\x01\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=r2, @ANYBLOB="000000000000000010002b00040001007369740004000200"], 0x268}}, 0x0)

08:00:57 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1723.941898][T18024] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1723.941898][T18024]    program syz-executor.3 not setting count and/or reply_len properly
[ 1723.989350][T18028] netlink: 'syz-executor.5': attribute type 1 has an invalid length.
08:00:58 executing program 5:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r0, &(0x7f00000000c0)={0xb}, 0xb)
perf_event_open(&(0x7f0000000040)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[]}}, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0xef, 0x1012, r1, 0x0)

08:00:58 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1724.619853][   T26] audit: type=1804 audit(1574064058.670:66): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir177575938/syzkaller.4VlTvI/1628/bus" dev="sda1" ino=16996 res=1
08:00:58 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1724.847754][   T26] audit: type=1804 audit(1574064058.700:67): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir177575938/syzkaller.4VlTvI/1628/bus" dev="sda1" ino=16996 res=1
08:00:59 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1725.007536][   T26] audit: type=1804 audit(1574064058.780:68): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir177575938/syzkaller.4VlTvI/1628/bus" dev="sda1" ino=16996 res=1
08:00:59 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:59 executing program 5:
perf_event_open(&(0x7f0000000580)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f000000a000/0x4000)=nil, 0x4000)
shmctl$SHM_UNLOCK(r0, 0xc)
shmctl$SHM_LOCK(r0, 0xb)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, {0x0, 0x2, 0x0, 0x0, 0x4}}, 0x32)
r2 = perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = getpgid(0x0)
prctl$PR_SET_PTRACER(0x59616d61, r3)
ptrace$cont(0xffffffffffffffff, r3, 0x1, 0x335)
r4 = accept(r1, 0x0, &(0x7f0000000080))
fdatasync(0xffffffffffffffff)
setsockopt$bt_hci_HCI_DATA_DIR(r4, 0x0, 0x1, &(0x7f00000000c0)=0xbc, 0x4)
msgget(0x0, 0x2)
r5 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0, 0x80, &(0x7f0000ffc000/0x2000)=nil, 0xb2b})
r6 = perf_event_open$cgroup(&(0x7f0000000140)={0x8, 0x70, 0x7f, 0x1, 0x81, 0x80, 0x0, 0x9, 0x2000, 0xd, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_config_ext={0x7, 0x4b37b34a}, 0x20, 0x2, 0x4, 0x4, 0x1, 0x0, 0x8059}, 0xffffffffffffffff, 0x6, r5, 0x5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x1)
r7 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r8 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r8, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r7, 0x40286608, 0x0)
lseek(r7, 0x0, 0x3)
ioctl$EVIOCGPROP(r7, 0x80404509, &(0x7f0000000380)=""/16)
ioctl$KDSETKEYCODE(r7, 0x4b4d, &(0x7f00000001c0)={0x2})
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

08:00:59 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1725.085449][T18048] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1725.085449][T18048]    program syz-executor.4 not setting count and/or reply_len properly
[ 1725.150210][   T26] audit: type=1804 audit(1574064058.780:69): pid=18041 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir177575938/syzkaller.4VlTvI/1628/bus" dev="sda1" ino=16996 res=1
[ 1725.236520][T18054] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1725.236520][T18054]    program syz-executor.1 not setting count and/or reply_len properly
[ 1725.359475][   T26] audit: type=1804 audit(1574064058.790:70): pid=18038 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir177575938/syzkaller.4VlTvI/1628/bus" dev="sda1" ino=16996 res=1
[ 1725.396114][T18062] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
08:00:59 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1725.396114][T18062]    program syz-executor.2 not setting count and/or reply_len properly
[ 1725.666370][T18073] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1725.666370][T18073]    program syz-executor.3 not setting count and/or reply_len properly
08:00:59 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:00:59 executing program 5:
r0 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, [], &(0x7f00000000c0)={0x98f905, 0xd408, [], @p_u16}})

08:01:00 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:00 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0xc0185500, &(0x7f0000000380)={0x120, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

[ 1726.313574][T18088] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1726.313574][T18088]    program syz-executor.4 not setting count and/or reply_len properly
08:01:00 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:00 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1726.584331][T18096] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1726.584331][T18096]    program syz-executor.3 not setting count and/or reply_len properly
08:01:00 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:00 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f0000000380)={0x1d, r1}, 0x10)
sendmsg$can_raw(r0, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x8}, 0x0)

08:01:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x101002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9e)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(0xffffffffffffffff, 0xc0405665, 0x0)

08:01:01 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:01 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:01 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:01 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:01 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:01 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:02 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:02 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:02 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x25, &(0x7f0000000240)=0x2000000000000001, 0x4)

08:01:02 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:02 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1728.637698][T18168] TCP: TCP_TX_DELAY enabled
08:01:02 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x802c550a, &(0x7f0000000380)={0x0, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

08:01:02 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1728.811488][T18173] sg_write: 6 callbacks suppressed
[ 1728.862664][T18173] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1728.862664][T18173]    program syz-executor.4 not setting count and/or reply_len properly
[ 1729.107569][T18181] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1729.107569][T18181]    program syz-executor.1 not setting count and/or reply_len properly
08:01:03 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:03 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:03 executing program 5:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="24000000150007031dfffd946fa2830002200a0009000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
recvmmsg(r0, &(0x7f0000002d00), 0x400000000000400, 0x8fa69e022811dc96, 0x0)

08:01:03 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1729.402066][T18191] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1729.402066][T18191]    program syz-executor.3 not setting count and/or reply_len properly
08:01:03 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:04 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:04 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:04 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1730.257617][T18217] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1730.257617][T18217]    program syz-executor.4 not setting count and/or reply_len properly
[ 1730.285606][T18218] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1730.285606][T18218]    program syz-executor.1 not setting count and/or reply_len properly
08:01:04 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:04 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:04 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1730.833530][T18208] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1730.843312][T18237] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1730.843312][T18237]    program syz-executor.3 not setting count and/or reply_len properly
08:01:05 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:05 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:05 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1731.563099][T18251] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1731.563099][T18251]    program syz-executor.4 not setting count and/or reply_len properly
[ 1731.646643][T18208] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1731.674956][T18253] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1731.674956][T18253]    program syz-executor.3 not setting count and/or reply_len properly
08:01:05 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x3}, {0x80000006}]}, 0x10)

08:01:05 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:05 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r11, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
splice(r14, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r14, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r14, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
perf_event_open(0x0, r15, 0x0, 0xffffffffffffffff, 0xa)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:05 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1731.872724][T18261] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1731.872724][T18261]    program syz-executor.1 not setting count and/or reply_len properly
08:01:06 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1732.020253][T18271] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1732.020253][T18271]    program syz-executor.4 not setting count and/or reply_len properly
08:01:06 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:06 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:06 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:06 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:06 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:06 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:07 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9e)

08:01:07 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:07 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:07 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)

08:01:07 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:07 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:07 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)

08:01:07 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:08 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r4, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[ 1733.890350][T18338] sg_write: 6 callbacks suppressed
[ 1733.903583][T18338] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1733.903583][T18338]    program syz-executor.4 not setting count and/or reply_len properly
[ 1734.018649][T18342] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1734.018649][T18342]    program syz-executor.3 not setting count and/or reply_len properly
08:01:08 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:08 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r9 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r9, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0x0, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)

08:01:08 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:08 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1734.844709][T18367] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1734.844709][T18367]    program syz-executor.3 not setting count and/or reply_len properly
[ 1734.868230][T18366] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1734.868230][T18366]    program syz-executor.1 not setting count and/or reply_len properly
08:01:09 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r4, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

08:01:09 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
perf_event_open(0x0, r11, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:09 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:09 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1735.312706][T18384] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1735.312706][T18384]    program syz-executor.4 not setting count and/or reply_len properly
08:01:09 executing program 3:
r0 = socket$inet6(0xa, 0x40000000000001, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, @tcp={{0x0, 0x4e20, 0x42424242, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

08:01:09 executing program 3:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0)

08:01:10 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:10 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:10 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r4, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[ 1736.342352][T18414] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1736.342352][T18414]    program syz-executor.1 not setting count and/or reply_len properly
08:01:10 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$caif_seqpacket(0x25, 0x5, 0x6)
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
io_submit(r1, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}])

08:01:10 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
perf_event_open(0x0, r11, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:11 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:11 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$caif_seqpacket(0x25, 0x5, 0x6)
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
io_submit(r1, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}])

[ 1737.133124][T18430] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1737.133124][T18430]    program syz-executor.4 not setting count and/or reply_len properly
08:01:11 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:11 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r4, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

08:01:11 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$caif_seqpacket(0x25, 0x5, 0x6)
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
io_submit(r1, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}])

08:01:11 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:11 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:12 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:12 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x101002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x200802, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9e)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x1, 0x0, 0x7, 0x800, 0x0, 0x0, 0x0, 0x2, 0x1})
ioctl$VIDIOC_ENUM_FREQ_BANDS(0xffffffffffffffff, 0xc0405665, &(0x7f0000000040))

[ 1738.230281][T18461] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1738.230281][T18461]    program syz-executor.1 not setting count and/or reply_len properly
08:01:12 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000c00)={<r11=>0x0}, 0x0)
perf_event_open(0x0, r11, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
perf_event_open(0x0, r14, 0x0, 0xffffffffffffffff, 0xa)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r15, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:12 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r3, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r4=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0)

[ 1738.676616][T18477] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1738.676616][T18477]    program syz-executor.4 not setting count and/or reply_len properly
08:01:13 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, r8, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff})
splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r13, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r13, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r14=>0x0}, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r14, 0x0, r15, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r16=>0x0}, 0x0)
r17 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r16, 0x0, r17, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:13 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0x0)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:13 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r3, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r4=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0)

08:01:13 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
connect(r0, &(0x7f0000006540)=@nl=@unspec, 0x80)

[ 1739.795822][T18494] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1739.795822][T18494]    program syz-executor.1 not setting count and/or reply_len properly
08:01:13 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500))
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 3:
syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x70, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x0, 0x802)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8004551a, &(0x7f0000000380)={0x0, 0x0, "2c096e3659066f32daec85bccf90ac5642208e828d2dfccaa6c3ae612ad7d3c4382f2d211f2f8a3afcd759a437fb2258063f0bf108b9f82f5b570fbd978c3830095e09ca20ab9d83de55403d86fa7b1895b34f76d71614d075b9e4fe6a87c1c0fc5bebce32e0c4b5b8109744f0ac777cb7c7f2e88e6e674df8573c2d21c9cc49232e8013155f8ea355f314103c129ee97306b2745cf84e69c047eff561616036493f5b7d768a00315d413e355750e203450959c7fd06a90e3f27013ab40f93ed6312366b6882063acac294d7deac3a659a7a81d32c184c96830284954319650ead82d45ab0276b036e8d5a5bf0f5023f4c76deb82a06f8f35e0bfba07ac03d6a"})

[ 1740.318666][T18518] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1740.318666][T18518]    program syz-executor.4 not setting count and/or reply_len properly
08:01:14 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500))
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9e)
ioctl$VIDIOC_ENUM_FREQ_BANDS(0xffffffffffffffff, 0xc0405665, 0x0)

08:01:14 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:14 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r3, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r4=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0)

08:01:14 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1741.000527][T18540] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1741.000527][T18540]    program syz-executor.1 not setting count and/or reply_len properly
08:01:15 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500))
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:15 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:15 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:15 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}], 0x1)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1741.598857][T18562] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1741.598857][T18562]    program syz-executor.4 not setting count and/or reply_len properly
08:01:15 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r4, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r4, r5)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x0, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0xa)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r14, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1741.656123][T18564] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1741.656123][T18564]    program syz-executor.1 not setting count and/or reply_len properly
08:01:15 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
chown(0x0, r3, 0x0)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:15 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}], 0x1)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, 0x0)
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
chown(0x0, r3, r4)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00), 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000c00)={<r7=>0x0}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(0x0, r7, 0x0, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r8, 0xa)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
splice(r9, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r9, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r9, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r10=>0x0}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r10, 0x0, r11, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r12=>0x0}, 0x0)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r12, 0x0, r13, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

08:01:16 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f00000006c0)='net/protocols\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x5, 0x0, 0x1}, 0xc)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r4, &(0x7f0000000040)=""/11, 0xb)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
add_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, 0x0, 0x0, 0x0)
keyctl$invalidate(0x15, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[ 1741.971387][T18574] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1741.971387][T18574]    program syz-executor.4 not setting count and/or reply_len properly
08:01:16 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}}, r1}}, 0x48)

08:01:16 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x20, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000580)='./file0/file0/../file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
chown(&(0x7f0000000280)='./file0/file0/../file0\x00', r2, r3)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, 0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r6, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={<r8=>0x0}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, r8, 0x0, r9, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r10, 0xa)
pipe(&(0x7f0000000080)={<r11=>0xffffffffffffffff})
splice(r11, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r11, 0x5429, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
r12 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, r12, 0xa)
r13 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r13, 0xa)
clone3(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1742.172498][T18587] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[ 1742.172498][T18587]    program syz-executor.1 not setting count and/or reply_len properly
08:01:16 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8615}, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0)='trusted.overlay.upper\x00', 0x0, 0x0, 0x1)
r1 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r2, 0xc0905664, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
chown(0x0, r3, 0x0)
sendfile(r1, r2, &(0x7f0000000140), 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x4, 0x16}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x808000, 0x0)
ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000340)={0xff, 0x0, [0x8000, 0xfff, 0x5, 0x6]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000c00)={<r6=>0x0}, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r6, 0x0, r7, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000c00)={<r9=>0x0}, 0x0)
r10 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r9, 0x0, r10, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000))
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, r11, 0xa)
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff})
splice(r12, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r12, 0xc0905664, &(0x7f0000000180)={0xe8d31749c2fa056c, 0x0, [], @bt={0x6, 0x3, 0xff, 0x746, 0x4, 0x400, 0x66eea1a1b007f280, 0xd}})
ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000600))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000640)='.\x00', 0xffffffffffffffff}, 0x30)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r13=>0x0}, 0x0)
r14 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r13, 0x0, r14, 0xa)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c00)={<r15=>0x0}, 0x0)
r16 = openat$full(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/full\x00', 0x2, 0x0)
perf_event_open(0x0, r15, 0x0, r16, 0xa)
clone3(&(0x7f00000008c0)={0x80000100, &(0x7f0000000700), &(0x7f0000000740), 0x0, 0x2f, 0x0, &(0x7f00000007c0)=""/59, 0x3b, &(0x7f0000000800)=""/162}, 0x40)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @broadcast}}}, 0x0)

[ 1742.576167][T18601] ==================================================================
[ 1742.584309][T18601] BUG: KCSAN: data-race in poll_schedule_timeout.constprop.0 / pollwake
[ 1742.592614][T18601] 
[ 1742.594963][T18601] read to 0xffffc9000127fa20 of 4 bytes by task 18597 on cpu 1:
[ 1742.602589][T18601]  poll_schedule_timeout.constprop.0+0x50/0xc0
[ 1742.608733][T18601]  do_select+0xd7f/0x1020
[ 1742.613047][T18601]  core_sys_select+0x381/0x550
[ 1742.617789][T18601]  do_pselect.constprop.0+0x11d/0x160
[ 1742.623141][T18601]  __x64_sys_pselect6+0x12e/0x170
[ 1742.628145][T18601]  do_syscall_64+0xcc/0x370
[ 1742.632629][T18601]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1742.638531][T18601] 
[ 1742.640843][T18601] write to 0xffffc9000127fa20 of 4 bytes by task 18601 on cpu 0:
[ 1742.648552][T18601]  pollwake+0xe3/0x140
[ 1742.652602][T18601]  __wake_up_common+0x7b/0x180
[ 1742.657531][T18601]  __wake_up_common_lock+0x77/0xb0
[ 1742.662619][T18601]  __wake_up+0xe/0x10
[ 1742.666585][T18601]  wakeup_pipe_writers+0x74/0xb0
[ 1742.671503][T18601]  splice_from_pipe_next.part.0+0x17a/0x1d0
[ 1742.677373][T18601]  __splice_from_pipe+0xa4/0x480
[ 1742.682300][T18601]  do_vmsplice.part.0+0x1c5/0x210
[ 1742.687325][T18601]  __do_sys_vmsplice+0x15f/0x1c0
[ 1742.692240][T18601]  __x64_sys_vmsplice+0x5e/0x80
[ 1742.697070][T18601]  do_syscall_64+0xcc/0x370
[ 1742.701571][T18601]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1742.707450][T18601] 
[ 1742.709766][T18601] Reported by Kernel Concurrency Sanitizer on:
[ 1742.715901][T18601] CPU: 0 PID: 18601 Comm: syz-executor.5 Not tainted 5.4.0-rc7+ #0
[ 1742.723763][T18601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1742.733816][T18601] ==================================================================
[ 1742.741855][T18601] Kernel panic - not syncing: panic_on_warn set ...
[ 1742.748433][T18601] CPU: 0 PID: 18601 Comm: syz-executor.5 Not tainted 5.4.0-rc7+ #0
[ 1742.756659][T18601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1742.766708][T18601] Call Trace:
[ 1742.769983][T18601]  dump_stack+0x11d/0x181
[ 1742.774296][T18601]  panic+0x210/0x640
[ 1742.778189][T18601]  ? vprintk_func+0x8d/0x140
[ 1742.782764][T18601]  kcsan_report.cold+0xc/0xd
[ 1742.787340][T18601]  kcsan_setup_watchpoint+0x3fe/0x460
[ 1742.792696][T18601]  __tsan_unaligned_write4+0xc4/0x100
[ 1742.798047][T18601]  pollwake+0xe3/0x140
[ 1742.802098][T18601]  ? wake_up_q+0x70/0x70
[ 1742.806323][T18601]  __wake_up_common+0x7b/0x180
[ 1742.811067][T18601]  __wake_up_common_lock+0x77/0xb0
[ 1742.816161][T18601]  __wake_up+0xe/0x10
[ 1742.820122][T18601]  wakeup_pipe_writers+0x74/0xb0
[ 1742.825061][T18601]  splice_from_pipe_next.part.0+0x17a/0x1d0
[ 1742.830937][T18601]  __splice_from_pipe+0xa4/0x480
[ 1742.835863][T18601]  ? iter_to_pipe+0x3f0/0x3f0
[ 1742.840538][T18601]  do_vmsplice.part.0+0x1c5/0x210
[ 1742.845548][T18601]  __do_sys_vmsplice+0x15f/0x1c0
[ 1742.850471][T18601]  ? __read_once_size+0x5a/0xe0
[ 1742.855303][T18601]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1742.861092][T18601]  ? _copy_to_user+0x84/0xb0
[ 1742.865683][T18601]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1742.871901][T18601]  ? put_timespec64+0x94/0xc0
[ 1742.876560][T18601]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1742.882782][T18601]  __x64_sys_vmsplice+0x5e/0x80
[ 1742.887631][T18601]  do_syscall_64+0xcc/0x370
[ 1742.892212][T18601]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1742.898096][T18601] RIP: 0033:0x45a639
[ 1742.901977][T18601] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1742.921560][T18601] RSP: 002b:00007f79b2617c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1742.929989][T18601] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a639
[ 1742.938051][T18601] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004
[ 1742.946010][T18601] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[ 1742.954001][T18601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f79b26186d4
[ 1742.961955][T18601] R13: 00000000004ca5cf R14: 00000000004e2600 R15: 00000000ffffffff
[ 1744.051614][T18601] Shutting down cpus with NMI
[ 1744.057898][T18601] Kernel Offset: disabled
[ 1744.062230][T18601] Rebooting in 86400 seconds..