ffb596f450fd922a54f52be6e907d901d50b610df7981ada392f6a3ffa4be99d964a07cbee1642e50136fce2f5df8dd160724e11e11070e4441d1171b5e14705dcc3a7d4dce08ae2a47cb0afb24dbf7552ff6c221fce7b8e0bc06edfdeb805163ef8d85c40fffcb7371e0c637c7330f9f3c16dbc0ea2d5618690d5fa233e53b57da1e26b30b30a7a835b8bb296a4de4cc2530bffe5d3043c95207cba9077425fa28d72d63d1f5d058d3653734417f25be0553cb73c7892b365bfa040192083083837a43684ba41cd081042fd3b97edc5ab3c5f0e45cda25b8b1393d9012a3f826ac022667df4954bf62f3eeccbc588116acf3143134365180424244828454c3b1de128bdf6d5b9425a5b735e2e67c1f62e4a94986a104d6a2b113bdad880a89261360bf097e0b14da89f21b056f43b23961cce1c5a63fba093931a7695c3ab4111c783ff20e9a59ca028c741dcda9c81203c7268a54007dacc55828c0d3aa7dbd1c71657cd964ee942480971042ceb8d30691ecbf7de41fd44492d3e9b958245fd40ccd49259202c5a9491cbb2429a4c6782da5d962a860483691552da8a3ab3fc540b94e170d56031a6008ea3b85da789e9d80055608329b9061bdc732124b3fb996717268dc8b4a3735932588375156b8b8227dee4aac71f96293f41d77d5538d7fd923aae85d69918ce597cbd0b058fcfd5a4de46db0efbea20d1b3b33d24c1ea405db02e9152a5b5e1b5b9a38b315d5feee43c2b8ebe0a8f48576fdcc05d3cb569903ddc46db78422fd0b970bf7d319eaaa3c6beb64467706639fd8e68565ff351585981adaecf230a6adcda3a6ea41d4baadf644b4e8f4a9adef87e619b36b730c266376b5bcff73c6b94e73b7ce733d40defe8718818ad8804bdedc982d738350de139c44233402b231e2966e3b74b51aee5033d644a6c0646adf948760f0e57b73e200c2a803419c8a09aff8db369762a625dfee120a085df46a8ce9b9f624618ff5217bb48c669984fa41a1774685575bafbee4e44796e7c71ac39f3b74ef6b2dbe95e2d22aa48c0e31f233fa943d7e2663eeb1bf715d25ed0bf1dad9301a612c43c4b68444e5e65e9a50e1d79fea17dd643e1f71146f5fbd63dacc4690296739e7ef897cf4c8c83ee5da26c9a9cc4af5ee038d2ee0c1b30fbf9f22a3d530527985c09ac74a55c31ff85a0d2269136649cbe9ab2d2f46c33af28155850ccdb427f98a6a5a902a8c946b9748fe6ca4f9bd3b3a1976d0ad214ec3c799db3f3236beea1351928395ddff8f911609ea5549071dcda58d54db7c1e7ca6a78aa3a4b71978a9fde8c11ade220497a69b38277fcf745fad97f02c026024776d155cac144c1b14740292a118a0b3235ff05be2d3df7404f5c047504052dd2ea1757413de8ceda2849e3d64420bf0bf8a07692ab8ddd61ede29738fd234a1ed32094b4d7b9523b9f1dc1f7a375162d66a7976c02fc724766056f602ad2860d580ab6e016c80a9ef7856b6a794e7f4c53184feb2a75574845182df88bce5b6bb2da43972efe5ee3b7d1eabd6598ee06fe82fa13f8e36d736b049795770fe43caa62bd66eee7932d103f67b4a925d73b5a73b73fb1176d0e56b035f15a18a60617b045505b8d78198f1ad99cdb8c85acb9aa3b5d96ea2aa4e59c898e735b6e60507053effeae111f8aa97be0b8939b21390f96f6e52ad6e2d92f2827f0a56081e5b020e445dd3363a1cad1bb6e550d3ec45e052ad7b12c323960edb22ecf78d5b40d383acc0f77bb83829d2f98232e94b5a263a8ef22eb0c3e72b5ea1cf21a088208afcd49eaade98b6e16b0009dbe4aac878a0adf3a17501cbfbd47d7e91ee5c90609dd84014e8a02aecbd8f97976a124cd730c56d0c4f9ed3cfed9e7eafab83f0a67469d055eb57667c375b86fed7fab5b1e1a79943d49ffaee6bd1b36570bb39284a025bc20b9dcaf53f5fa60b4f35923615fe3c42a752521865daf7f628300c3754eb24f9566a525fcc17548754872b14c09ffba6db1ec7e26f5ccd68577d6f7fe41842f4633515a42e5c073e00e3376018a549a6cabd25d9d", 0x1000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x20000000003, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000001400)={0x1, 0x1}, 0x8)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000001380)={'ah\x00'}, &(0x7f00000013c0)=0x1e)
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
r3 = syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x200, 0x228400)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000100)={<r4=>0x0, 0x1}, &(0x7f0000000140)=0x28)
fcntl$setsig(r2, 0xa, 0x19)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000180)={r4, @in={{0x2, 0x4e23, @remote}}}, 0x84)
ioctl$TCSETSW(r1, 0x5441, &(0x7f00000000c0))
prctl$seccomp(0x16, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x5, 0x7, 0x7f, 0x8}]})
accept4$nfc_llcp(r0, &(0x7f0000001300), &(0x7f0000000000)=0x60, 0x80000)

08:35:19 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  380.907482] kauditd_printk_skb: 2 callbacks suppressed
[  380.907496] audit: type=1326 audit(1534494919.162:183): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13709 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:19 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x7a00000000000000)

08:35:19 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10040, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/rtc0\x00', 0xa200, 0x0)
r2 = getuid()
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@ipv4, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f00000002c0)=0xe8)
fstat(0xffffffffffffff9c, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000f80)={'HL\x00'}, &(0x7f0000000fc0)=0x1e)
lstat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getgroups(0x2, &(0x7f0000000440)=[<r7=>0xee00, 0xffffffffffffffff])
fstat(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f00000006c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0, <r11=>0x0}, &(0x7f0000000740)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000780)={{{@in6=@mcast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000880)=0xe8)
r13 = getgid()
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
stat(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r14=>0x0})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000009c0)=[@in6={0xa, 0x4e23, 0x1f, @empty, 0x1}], 0x1c)
getgroups(0x2, &(0x7f0000000980)=[<r15=>0x0, 0xee00])
write$FUSE_DIRENTPLUS(r0, &(0x7f0000001640)=ANY=[@ANYBLOB="980400000000000007000000000000000300000000000000030000000000000000000000000000000600000000000000b20700001f00000002000000000000000500000000000000010001000000000003000000000000000400000000000000ffffff7f000000000600000001000000000000000900000005000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="01000000ff7f000000000000060000000000000005000000000000000a000000ffffffff2f6465762f70746d780000000000000000000000000000000300000000000000a30e0000000000009af9000000000000950a00003100000005000000000000000700000000000000ebb2000000000000040000000000000009000000000000005c1c00000000000007000000ff030000010000800000008081000000", @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0700000009000000000000000300000000000000c700000000000000000000000600000003000000000000000200000000000000ff030000000000000900000000000000ffffffff010001000600000000000000080000000000000032000000000000000100000000000000ffffffff000000004000000000000000050000000800000000000000ec000000bb190000", @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="08000000feffffff000000000300000000000000e1a800000000000004000000ff0700006264657600000000010000000000000000000000000000000800000000000000040000000000000091de0000e0ffffff05000000000000000000000000000000080000000000000081000000000000000000000001000000070000000000000020000000ce010000a69c00007a06000006000000", @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="050000000000000000000000060000000000000009000000000000000c0000000000010073656c6675736572656d302a00000000060000000000000002000000000000000d00000000000000f40a000000000000080000004900000002000000000000000600000000000000000100000000000000000000000000000700000000000000060000000000000009000000030000001f00000003000000da090000", @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="0700000005000000000000000300000000000000030000000000000029000000070000006574683023af2c6d696d655f747970652f2d5c6d696d655f747970657b2b47504c292f28657468313a0000000000000002000000000000000000000000000000ff07000000000000010000000000000003000000010100000400000000000000000800000000000007000000000000002000000000000000360900000000000008000000000000007bfa00000700000000000000ffffffff4c890000", @ANYRES32=r12, @ANYRES32=r13, @ANYBLOB="00020000080000000000000018000000000000000000000001000000070000000000000075736572292e290000000000000000000000000000000000ffca9f8f1d0000000900000000000000090000000200000005000000000040000500000000000000ff00000000000000020000000000000000000000000000001f06000000000000000000001fe6fffffffaffffff000000030000003681f256449a3b1cb42b2136107b64bacd9f52753b27d8b45afc77a5ee9f5afe6a2c2d7c9333de5784cc9bf3089c9fc4a2ba9b1a5c7b180a1b2a7eb6128229b6aec26558dadefd24534435e9207f64f8378e8f8ce302e7aa3c218a48b7f5567ce0df65d95d4c847c853304d033ac0b4bd1723dc66b43a479c97fece2ad8c1316985f03142a202e3d0721602569a25f7b85003772e31a37750da0d06fa9d9363db00fc16040ed0b8fe61c66e6089a77c4e3892be3b5666e55c2b8580b641cd0e32d85136da003998b28625c68213f426375e26a2cffc387931860a1883ae0c9e9ffa57ba62e5132f1541b", @ANYRES32=r14, @ANYRES32=r15, @ANYBLOB="6ac800000100000000000000010000000000000003326741ae000000000000007f000000d100d62733518e57f65cc51065b7a48e8e8230d47222fd876a92b12e72d903c3b6f81576c1e7f99ad4851fc835c2bf9d05000000b7266201b45de1d02cd1a8cbeb1acdcb93d9325b3e072fb56a53cb6e23ac5734602d7c93c30e6d9410b3a97e921126f9dda3aa00d08735bb4f112bd8dfc218edfabbf9da105a7eb094a7b07324328dd0b91c66567b09a2ca52bf54"], 0x498)
r16 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r16, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x4, 0x0, 0x1000003})
r17 = syz_open_pts(r16, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000ec0)={<r18=>0x0, 0x7ff}, &(0x7f0000000f00)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000f40)={r18, 0x7}, 0x8)
ioctl$TIOCGSOFTCAR(r17, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r16, 0x5441, &(0x7f00000000c0))

[  381.055399] audit: type=1326 audit(1534494919.309:184): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13768 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl(r0, 0x4, &(0x7f0000000100)="7fbed2ba4f33ab26ced8969f11f49060d037e2e3739b33d730f37af51ce55532edced118c3ef77aff9396549ca07d184d129e922f7343ad3189a2baa2a1fe6a7e9090b96cee022bada12b71032ae8915b54febb28a3849eaab95004c5f871b69eb915094344d5f17126f3d6aef503f8d03176fb19f9e0e1518615f59f6df121e68decdc6efa9400c9489101497af6eea07a93bed3b61dd8521a63c9990b84070f721b3c4b57a283a9550cd229db9fe36b09935d38e6e6645c7f053b0c4da000b7bdfc66ef94e084a1e6e21f27430f9688e887bb6646a2fc6c32a54a477cf1a25f8c25c590d5480050e2803eed681")
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505331, &(0x7f0000000200)={{0x7, 0x8}, {0x1, 0x4}, 0x200, 0x2, 0x1})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:19 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000300)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="df000000565eb794b02a2c5332b43a37983fe5af8c4638346a0ed8b0325347eca397bf303c8adc1a541a851418b61578d67fcbebdad1248c5ee94b0402c2983cc441e84fc284f981de46f74fe11380697051fb48700fec4095b1e74dd56ee47943846a7e38c33c68fc33121f19019b361c15f1ff17d59b976724922a8cc590bf56758453afd33b3110f3859f6e5c1880c5067b595a801393842de21f18083a31491a3a6872b5a252cf4e6f08f408695e0fb071b47c5a9fa2ec6c92728b1400091dda09a1fc3178325b91be909ee4c4de76cbf9adfef56f115ec47d51892cb852048ab33ec03cb2789ebe27ed78f3bba14eae6a9e50f2ffcdd13a31c75a25b1e5fde9d1e7f78323a7b670d61476e9980f19c32ebf3a090abe9da19eb2121aa7f2ca6a570b6273b9660f1675e8edf75b4a1affc20ac59f827bcea137ef906a55883160ffbcbd5fcba84df2e25993698c6885361c89a918eac0d0cdf4be78f01012648c3913d5f4792ee19b34cf5087e9a64e3ae9c36b9be3c7abae947857e0538ac3e46ac142799b0044c52c7173873264a58a6f72e273ec7a0cf53e81e607f739c47b74073eb36766feddf2fcb1a44b4b114f399d01dc3c7d24d2e28236b3cdd35531db92814555f84bbdc64e7df9b2043a"], &(0x7f0000000200)=0xe7)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000240)={r3, @in={{0x2, 0x4e21}}}, 0x84)

08:35:19 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:19 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:19 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000100)={0x0, 0x59, 0x40})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$GIO_CMAP(r1, 0x4b70, &(0x7f0000000540))
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc))
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCGSOFTCAR(r3, 0x5437, &(0x7f0000000080))
ioctl$KDSKBLED(r0, 0x4b65, 0x1f)
ioctl$TCXONC(r0, 0x540a, 0x4f31)
ioctl$TCSETSW(r2, 0x5441, &(0x7f00000000c0))
recvmsg$kcm(r1, &(0x7f0000000500)={&(0x7f0000000140)=@nfc_llcp, 0x80, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/240, 0xf0}, {&(0x7f00000002c0)=""/113, 0x71}, {&(0x7f0000000340)=""/127, 0x7f}], 0x3, &(0x7f0000000400)=""/254, 0xfe, 0x629}, 0x20)
ioctl$RTC_AIE_ON(r0, 0x7001)

08:35:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xfffffffffffffffc, 0x210000)
write$FUSE_OPEN(r1, &(0x7f0000000100)={0x20, 0xfffffffffffffff5, 0x2, {0x0, 0x7}}, 0x20)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x9})
r2 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  381.865349] audit: type=1326 audit(1534494920.118:185): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13768 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:20 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x68000000)

08:35:20 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:20 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f0000000000))
syz_open_pts(r0, 0x4000)

08:35:20 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  382.095319] audit: type=1326 audit(1534494920.350:186): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13817 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f0000000100)='./file0\x00', 0x1, 0x8, &(0x7f0000000580)=[{&(0x7f0000000180)="869736559afb664b71aa73f128ca029a7d5054d588d2c9f992077a5581729bd3cde429ceae566af2002cab22e49f67ed346c73aa4e4eb923931407826018d49bab33173f67c47f07913dc204b76bf7d86ddb620311330b799dfd232f12249c9f2992ac8ffe9dfbc724f33513bd2963d93db1d07c50c93d396eb63a73164068d294f4f881e5c23446d0b75ec8d3c4650fb53457520d523a9aac7989e6901e16b9e23f41a47121b45532d1add14653d1039d01970aa4539dd9", 0xb8, 0x2}, {&(0x7f0000000240)="5b24d71516674c5d64ca9f4374", 0xd, 0xffff}, {&(0x7f0000000280)="0b3cf1eff11014a5e969c715bae72f161c7408", 0x13, 0x10000}, {&(0x7f00000002c0)="7d3c29ef539516ec3691c648915e927ea0c42b8c6501a7a5b8cd07c27946e5fd99803a6c9e2e8e5e76db52af5dda5726a8f5972ef59f209a22039793e3b7d2a5447e550498f7a1038846848172011b2f5c2d3bb26525af89aeadea79d8c8a5ff9630a1b7b3d73e40808728b3161eff5ee0dece33b2c4198f6b7251051203585add80c0d966f958f46caf40eb4616ea0c7a0b6d713424897567e2309251d6f728bfe397cfd10943eaa1b9a04f", 0xac, 0xed6}, {&(0x7f0000000380)="81bd72b0768129130fc4085a3073b69c90f1cea6569846c105faedc928ad696b625e0cdb5c9091944e05c48cd834c1ebbfd963", 0x33, 0x3}, {&(0x7f00000003c0)="61a8f7c3f94cf79bdb7f9205073d3eb4e9adc167042f561dd1073082413c5bf548fb5aed69df0c76d1f1729ef6096951f1e2a4787106713e2f55bc522aba3a9d19acdffda336962b91465bb48dc2ea4354dd3d8783cafcafdc6bc347d8cbfce4867a57dcf19790c249c7088e5e4713acdcb3e9760c0af565530e1e8eb344e4c86ce8b81cc7d80c4dd3a58cf2319ba53ee801f95e2f22083b97e389", 0x9b, 0xbe5d}, {&(0x7f0000000480)="e9a71550c3e76cdbeb0e2bb551f9ae77e01c83734299fbf73715b1efcbc46b17ae0e39cec2f233f76354b1ba381d63c02a0a44b4c8eb4e73a559263360a884c320469b2eec96cb4ace5a7e2f5dc607d97de5bc2b9c464a12ca05ab8f6e9720cc2c43d081", 0x64, 0x8000}, {&(0x7f0000000500)="c7b7adf7509f05ed151a3e7f9124ced3ff67a4a745d3c73e855c6354ef0ea14919fef7ee00e9b1c96fcab3c5ba16335e4c077c8d886ebd9b941f5b959e587292bb6980dab741d21c80376cc832ac540b699725b79ae671b8539fb0d749e42c91", 0x60, 0x800}], 0x1000, &(0x7f0000000640)='eth1!\x00')
socketpair(0x9, 0xa, 0x5380000000000, &(0x7f0000000880))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000140))
r2 = gettid()
fcntl$lock(r0, 0x5, &(0x7f0000000080)={0x1, 0x3, 0x5, 0x7, r2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680)='/dev/hwrng\x00', 0x10000, 0x0)
execveat(r3, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000780)=[&(0x7f0000000700)='ceph\x00', &(0x7f0000000740)='eth1!\x00'], &(0x7f0000000840)=[&(0x7f00000007c0)='(cgroupeth1\x00', &(0x7f0000000800)='/proc[vboxnet0em0ppp1\\vmnet1"\\\x00'], 0x0)

08:35:20 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:20 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
ioctl(r0, 0xffffffffffff8001, &(0x7f0000000000)="a26e31937f76dc64a1fcd34f51")

08:35:20 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCLINUX6(r1, 0x541c, &(0x7f0000000000)={0x6, 0x53d4})
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0xfffffffffffffffd, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x1, 0x80040)

08:35:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000000))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f0000000100)='./file0\x00', 0x1, 0x8, &(0x7f0000000580)=[{&(0x7f0000000180)="869736559afb664b71aa73f128ca029a7d5054d588d2c9f992077a5581729bd3cde429ceae566af2002cab22e49f67ed346c73aa4e4eb923931407826018d49bab33173f67c47f07913dc204b76bf7d86ddb620311330b799dfd232f12249c9f2992ac8ffe9dfbc724f33513bd2963d93db1d07c50c93d396eb63a73164068d294f4f881e5c23446d0b75ec8d3c4650fb53457520d523a9aac7989e6901e16b9e23f41a47121b45532d1add14653d1039d01970aa4539dd9", 0xb8, 0x2}, {&(0x7f0000000240)="5b24d71516674c5d64ca9f4374", 0xd, 0xffff}, {&(0x7f0000000280)="0b3cf1eff11014a5e969c715bae72f161c7408", 0x13, 0x10000}, {&(0x7f00000002c0)="7d3c29ef539516ec3691c648915e927ea0c42b8c6501a7a5b8cd07c27946e5fd99803a6c9e2e8e5e76db52af5dda5726a8f5972ef59f209a22039793e3b7d2a5447e550498f7a1038846848172011b2f5c2d3bb26525af89aeadea79d8c8a5ff9630a1b7b3d73e40808728b3161eff5ee0dece33b2c4198f6b7251051203585add80c0d966f958f46caf40eb4616ea0c7a0b6d713424897567e2309251d6f728bfe397cfd10943eaa1b9a04f", 0xac, 0xed6}, {&(0x7f0000000380)="81bd72b0768129130fc4085a3073b69c90f1cea6569846c105faedc928ad696b625e0cdb5c9091944e05c48cd834c1ebbfd963", 0x33, 0x3}, {&(0x7f00000003c0)="61a8f7c3f94cf79bdb7f9205073d3eb4e9adc167042f561dd1073082413c5bf548fb5aed69df0c76d1f1729ef6096951f1e2a4787106713e2f55bc522aba3a9d19acdffda336962b91465bb48dc2ea4354dd3d8783cafcafdc6bc347d8cbfce4867a57dcf19790c249c7088e5e4713acdcb3e9760c0af565530e1e8eb344e4c86ce8b81cc7d80c4dd3a58cf2319ba53ee801f95e2f22083b97e389", 0x9b, 0xbe5d}, {&(0x7f0000000480)="e9a71550c3e76cdbeb0e2bb551f9ae77e01c83734299fbf73715b1efcbc46b17ae0e39cec2f233f76354b1ba381d63c02a0a44b4c8eb4e73a559263360a884c320469b2eec96cb4ace5a7e2f5dc607d97de5bc2b9c464a12ca05ab8f6e9720cc2c43d081", 0x64, 0x8000}, {&(0x7f0000000500)="c7b7adf7509f05ed151a3e7f9124ced3ff67a4a745d3c73e855c6354ef0ea14919fef7ee00e9b1c96fcab3c5ba16335e4c077c8d886ebd9b941f5b959e587292bb6980dab741d21c80376cc832ac540b699725b79ae671b8539fb0d749e42c91", 0x60, 0x800}], 0x1000, &(0x7f0000000640)='eth1!\x00')
socketpair(0x9, 0xa, 0x5380000000000, &(0x7f0000000880))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000140))
r2 = gettid()
fcntl$lock(r0, 0x5, &(0x7f0000000080)={0x1, 0x3, 0x5, 0x7, r2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680)='/dev/hwrng\x00', 0x10000, 0x0)
execveat(r3, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000780)=[&(0x7f0000000700)='ceph\x00', &(0x7f0000000740)='eth1!\x00'], &(0x7f0000000840)=[&(0x7f00000007c0)='(cgroupeth1\x00', &(0x7f0000000800)='/proc[vboxnet0em0ppp1\\vmnet1"\\\x00'], 0x0)

08:35:21 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  382.921958] audit: type=1326 audit(1534494921.175:187): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13817 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x50100, 0x0)
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000180)={0x80})
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r0, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000000)={0x100, 0xffff, 0x5})
r3 = dup(r0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0x40045542, &(0x7f0000000100)=0x1000)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
ioctl$KDSETMODE(r0, 0x4b3a, 0x100000000)

08:35:21 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x74000000)

08:35:21 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:21 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:21 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  383.161197] audit: type=1326 audit(1534494921.416:188): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13885 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xaf78, 0x10001)
ioctl$ASHMEM_SET_PROT_MASK(r2, 0x40087705, &(0x7f0000000100)={0x7, 0xff})
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:21 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x40000, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x101, 0x8001, 0xfff, 0x3f, 0x81, 0x3d, 0x1, 0x401, 0x3, 0xca, 0x80000000, 0x7fff})
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x204000, 0x0)
ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f0000000140))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
write$binfmt_aout(r0, &(0x7f0000000100)={{0x1cf, 0x5, 0xb0a3, 0x57, 0x2e6, 0xffffffffffffe5d5, 0x1a6, 0x6}, "d809d1bbd40d5d1263a947e76eab69ef3e585aa6254454588bfe4cf34d64b75100d152225e730c5d2c2b44cac4a272e4e4092b88b1fb4c99866acfc7843eee7fb0138cdb52d818326a43344d57436ce2f6c5aeee17ac15bab9bd1b629d36a14e0345afadc716c4fddd33624a515593c73ccc30385321b77850e097e244a65f9f4085e9733ae52ae90f1d14406fa04c0467b7a84720ced08a9329ccb54721647acc42c647d9e8dcbdfb909e0804eb1d16db9f884689ef2d51eb9f84c84edebd09569870b6ade9c644cdbbb8ed6cda1ac9f541c604639b88d343398292482b39bd1a3e130b6b8b09ca8afbb8d152574550dbe1def418e8dd41f4af1688445c9e571ece27e3e3ab040e1cddccf87375c914370b47fee3bffd7d723c6546808fcab9c67f9af22ef5393d74ffae89e515c1bd338b9df698057719864bbddbabcca0808570dcf4635414c7f30f3f6e5c1d3fae6c3f569682e36f7c4daa02605e78aad596f7bf77cb5b34a1fa0fff743dc9e645165dde1c5132b8893a0d4bbb3c57970e7cc8199b8d5c1afe86ef8f1ce9a2c515a7ee9e0819e9a0703d145c7ea2e6a8c3c62c7343dda526b09f28bae16712afdb29be58561071a2459af967a352b141dcc4c0e30ee716a89afaaa0e0aecb0cabd4a185144002e9bb93f6e9bbd9e9a8a408df9d6ea6bbab5a3fd8a4f10774d1a17e36643ab96fb96fb310c4581271da2530cbafa7875ea2052f4608655bab14aa326eca4e2794c1d7cf044b3c13547c2f4e532e0d0440aa2dd9dbcc6ebb4e364aec2b4f33ad7bd41bbaefd30fb59f737b4626d89fb55772c55dcf13d6bf3c44067c0d351ba28d51ce3dc340acc618f6717b73dfa2ba3dff6d3269492700bc867e92ef19ee5bc1fb4bf9f47034dd8f51be617697f3c905d8fe5b47ed7105eaf3b7b17a750ca97d9f6a16956b7135bd822752934c9f1e0321b0bb37162b4c20fc99f88751a8aeff25fdf6dba8b58180961b321d86c206cd46e8079fd44b8f8e5787da9f5f837309f8ff97b918c52b04c4f0a42348b8c292a18abd754af0a5eeb9ef2f73641f6b93b4448cdc9409732dcc7e659aaad1c9472b8918bd0144a6d44337ef294018467a33b0cf27828d43478baa03b97a351cc3f91ea38a832209c5011b835ab37446bccdde616204e0e16eda17fecd6bf5fc5e087cbb766cf82529f4713954161a1e433b92104f37982c7911b5f36e8b735652ce338c1a92c7d422aa49e23ff3bddeba15d680f8bdb1200d6812e69c8e3cddaf55c28be4ed0e8629ab24e72b460174208771530725a83dcff2fc1ecf49cb41faba1e9b0a8c513309a868eb47fca4cd550ae68b6b6d1c02c6ce45f9748ede5e5249359ef6d2fc921fe4f7810fff5be52255ea88ec5b9811090f3f546c29085944b9d16e80aad76f57662f7f9e03ca575ca9b55bf33d352f107af641e6b791f9cdfece47187aba7aae1b7f0a5b101bd8d36b8538af37466fbae21f83ed6a3e89a103e35b600831585fe3505b88ddba38067f9d059d366d1ba27909eb10c96a2fe2070da716631c55c300484e53082555a5cdcb9d7fce8f6a0f5f254ce90b9d78c0485ad818b4933341135424cdacb318283a8d37d746b62c5041f89d003cf7fe88e7efa24d5768ff5648444e25d03ba8a1cb10a26ef4929e09a4f15bbfbafb68e6f5e54076edd4e471d67ef953eaec4893b8e7d1dbb7426a297b23dcbaeab6d2ccb23d4fd4927dd8894561251362da9049ae333a0f2ba07be3ce566e1903c851ce10b132766d517304b0b0b9c968d275f8aec066d9f1e094e17eb8b2bc3d21dd791d64fc721e79561baa638da38f56911fbbf5a9ffce0c4b00b95d9c912d16d92fcb73150cfac6c4b732ccaed360dd4882a09bac743533462d5097739441905ce9812d02408ddc5bc581988d4f3024fde43683da4b1fe63a123175d2e934d16c813ed6889ec47553bd473e5e9cf14217ac8117726a95f7daceeb271d9f02c9771136ee07caf9507b2d6bc543508473a4cc575951b72e48c7c96e3711aa2bcc89b12e76871f5729cc927aee4561d9d93e94890634780f1a5e0637d9dd74c7314f16d7350274a39b6514736d53c078c960e89333260d95b27b309c2bfdb3403089e61c2a28170db1da2718b571a41a77e8e93f73b8581e9b1165f0df7ff394bacd200739dae32b24fa3d4a5a00bf50fa76e86fa8d0599e11402461a3e81c71edb8da555afc7cec601c2ff83a6d8bed02393f1a445f70950bcfd3e68728d7ebca11f2541f1c474ba48aac4cc025875e98fd069eed204f75bcfcc6cbd37f34d129e2fca28dac54f58a8455914bc0f2f51db4d8166785cfd5342045cccb2bb8cb8af31b9fec778a9bfe47be1f36afeb593acfe6ae3c7b3e3804f2f43756e61cbab465bbda0e6fb4c3840bd811bc9a19cf8172578cbbf6559eb1291bb7c7c7510f42a986ff611ee90b425b715a5c978a37ef5979941f1c492acffba70d106d80b8774248c835808d668518c384da51ddeef8e244f6ce892ca9abbb7f1874653caf736eeece7feaa63d031cf7e4ea236adfed4e8617e9158235955e75512714eb6623b73915bf8d62d766aa858596b74ae70237571d9f6a282d6843ea86665361544ec059f04cbabcc218008084a05091ba51b2c0c2bae90e37e0960954ff8c52a92c120a7b9b5f3eb8dbc8973a49770e9b7249aee24c7d7a51309b4da33ddcfe09de4d704b3b748086a9eb63127bae9c96141da3b73c50bccde21b985592dae17bb6245113b08d091a83da848cb4961631b8989c4fa4597faafda64d4df4a5cefb2c12b12e055acacaf26e605a1654c89316ef2a9e61cbb4d0d601469867eb9a43aef080679bea05a995fd577c5060f2046d33a9a219fcaec63e5e870a96848daa78aa00cb8dddd046764e365d6de63f15ee07e7e4f2e7f9b08b0944c1b26efa9c2ef415cb1a5db92d9aa9c1d2b4e78db4d71c4a6c4bbd131552a736b1834a078b70f8437135a677da079f6c90080a6dd94d280fcdb8a4d957e38e01500493f54c8781c9fa9dae0433221de05355aeed5d200471a34be4ed5008f02a4b1265e8ec444caef9eec969da7d60938800b9c9f0431d57b4aaac198c567dd1fa4b538a66b80661b2d383ac61488e58688b2a298a68bcc33e33f002b6074aa6580bf9774024a54b19ec095f0a3f4337990ee7aadcaff42928b3c52ffefb483b2b75df205396328f0715fc67b32894207d385334d51395aeccd2da121a9c8a24ae526d2ba66a190db801deb022d206603394b0440f1cc026ccc1e37c816f81f5fe24bee581bf64f74903dbf34c1bfc6391593ca6d9e5989834d76378891941b6d24045aff5072fd48fecc923983e163c11135138f06dc5ff01fa6250139576a7d10534b9e1482be68fb85ed1dc74db62fb736f63e29b0d99a3102fd39981977f076841051104592a2120aecc540a8e85b0f25d5cfb239b5a3e5406e6d22e57f709db721e08c09d0da47f676e219cd702725add0ddc2978c92c9be1bb8cf751d347f4ddc355ac73285e8d72b8de8eae84ffcf0a84e999d3978797566a8fa57cf67575fcf1891a104f549d345bd9ea5e5ab6da1265346139e9bb57d2ba49ceb0e9c34829ceeaf974b95f49ebf495f51116e94478aee43f0658b2118189add92f4454e963ab6021ddfe3c178cae7effcfdc1c52ed51fc60ea036914c8bcc95d5284cb8cf38045da75f0341eed0d1e7660be1743324a0d28b0c1fe7c9b9f51e6b510d295910bb1aa7e817cefdaa8c651cbd405b7445a97f92000e967b21f6cd5c99d255a7e0b82e6b0c8a3f0d94d6e43536a33eef605dc2d4ec575ee33c41f0b3140190af9d8cde3771c9fe4dbe0fe618af7ff14494b5b20d06ab65958bf41af9e3717164029856de37366caa014edaad7a538f6d23af36a2e2664437ad2b1deb8e99755b7f6c93638dd76510130e7f04904f72f3ffd349671d4e9f0a6c0a257cc48960a54792d4ac2fcbd3f043402c8272964ed71b437a7cca2fd5f5ca1fbe0ab7912d2bbc8d3898a2044cb609bb8f110b8534c84305b644af6b201477b99b73afb51eb7330e82eeff129657c7bd55d7ddfcd1eb1c8a3eb7932d30e210799a8ab1f10847ed8b4163678c3dd2cce715856f8b582e9a02881d13b43505c6c085857ca08c49cc60a0cf07914c56afe2b59496af6520147e12b7ee59017796256b00a35aa799eeb0d0c01deb24f01dbf2353752537a43fa4683d28906f234ef7665195bfd33ce3a8377175023152b25342d0289ba868a22b482f78693869e49967529ef1d89fbe33f4c945f47130fcedd405479dbf4a2a31a648077317d47e35f4fe742d0694d38cdd1a41654416ec85d895a4e93730830929613ef989efa813b54ab6f1e42a0d750bac02b3060182b30aa659b481d67a552b72101c7ab25e04125e7863e503e0d5a6ba3af93e65d1155f811e1c56450a7a22218ab58fc1fc63a96473127f6edacc21894d88ccef2b70cbabf846389335317ba7ef88a5556da9790acbbd2193e49c1f6800d52c00edb6bd824641ce6169936f400598ddd72244b8dee04e7e9e24722672ba2f47d1487d8c76e1178ecb39c13cdce004b4dde63c2a74609f7e4760594b5154f68e19b0b4142492f13418e5623b38800c7d534980afdba27e428821d09654bab876cc40c9cf9ef5dde139fd8108e120a3d8ad72eca1e806d74d5dd70869171205c0d5e3654ea37e65729b498699e3c6a6fad00b077ebb07154e39c9d9e76197aba38b3d82c0309e465e07da4318ed1346ebb42c9f9e9840cf0f01430db9b849762c8dc0de08a2aeeb56e5d62a3cc408da04aa70f692230b7fc29ed7df2751ec5da5d30128e61bfbc1e99ab25448ecb8237e970fea7a833c2572f4206ec91dac3b3eae10fdba8590ff8565999ae0cfd320e9a4ba89296c3865f90270eb826e539bf0a494781b95dbb23a9a29632abaa0ea12574be2083e67ea5f7b577b25a3681dd781c5fcc29900b9cd1849e8765f058afc54da353a90c51e3a0079853142c9cc622c36fe14458b089e5707338885aebb300cf1abc972f99c76cfeacd4125cc4493f66d953f170d3d7c8c023f4591a882290fcd4ab6e36351a1554481f70ee6f8f9ad234dd7a657af7df165110960cacf158725a5d45f2277e61d3bce0c5de28577e7a100a5e53600193a33e956c02b614aabc3b4dd7dd0b57f2a71b3457e294df0f12f488c360d43af45a70140654b764c4de6b7739d0ce0ecf710bd014ba0bf24014a1990d437befbec494ce1da3926ee9db3235b32e87503663a3f541ac81286bbba1a0a48898fab037d930c0c23e25dec083edd8fa85a2114674aec77426cda3ec7178e0084a07d95add223142b0e73452a3e068d57214cb2b468507734328be90a97b881d29480a394e8c637dba6a38571eeddf59309a7c3c92da642b5f58d788a7e22ab8a8868af9126aa212a81227932970aa0b68c84dce54e909a88369bd9c3e16f48d4976987b780ba781a634b422dd3297a2499379ec2fc66c319419b5550f444ca3c03b0e39e43b02c00bb33e9d443e9abbd835df0429c0169c6eb372d1011585be24351c9b00b970c25231efbf8ad04934b5c7c791f8f63d711ee028acfa7e711e36be7c63a28aa14918b7350a1e9b2d1a347c03efa03042b5066b3ae7bbbc60a1e3e5bda9177035df5ccbcf6b14c3e16c74b2d83e2a4e5f96ac8b55e15ee59d85192f5d368b037a59bc004ea28429aca26f6949d0477f0cf4f69bd8442e5c3978ddc86e64d953724981ed746723304f0e7cb96f1", [[], [], [], [], [], [], []]}, 0x1720)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:21 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x10, 0x8001, 0x5, 0x1, 0x100, 0x8, 0x9, 0x8, 0x0, 0x71, 0x7fff, 0xcf9})
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000100)={0x4, 0x5, 0x3, 0x10000, 0x81, 0x8001, 0xa2, 0x200, 0x3f, 0x4, 0x80, 0xfffffffffffffff7})

08:35:22 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  383.951133] audit: type=1326 audit(1534494922.205:189): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13885 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:22 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x6c000000)

08:35:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x1)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400, 0x0)
write$cgroup_type(r2, &(0x7f0000000100)='threaded\x00', 0x9)

[  384.094035] audit: type=1326 audit(1534494922.344:190): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13929 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:22 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd})

08:35:22 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000))
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:22 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:22 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x400000000, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = getpgrp(0xffffffffffffffff)
ptrace$cont(0x3f, r2, 0x4, 0x100)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
tkill(r2, 0x19)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x100000000, 0x100)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000100)=@int=0x5, 0x4)

08:35:23 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  384.871567] audit: type=1326 audit(1534494923.126:191): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13929 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:23 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = getgid()
r3 = getgid()
setregid(r2, r3)
r4 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8000, 0x200000)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000480)=0x2)
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000340)={0x7, 0x8, 0x7ff, 0xff, 0x2, 0x10001, 0xfffffffffffffa8b, 0x1, 0x2, 0x7ff, 0x7, 0x8})
ioctl$TIOCGSOFTCAR(r4, 0x5419, &(0x7f00000000c0))
write$vnet(r4, &(0x7f0000000280)={0x1, {&(0x7f0000000100)=""/199, 0xc7, &(0x7f0000000200)=""/69, 0x0, 0x1}}, 0x68)
io_setup(0x4, &(0x7f0000000400)=<r5=>0x0)
io_destroy(r5)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=<r6=>0x0, @ANYBLOB="01000100361a020200"], &(0x7f0000000440)=0x2)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000380)={0x795, 0x8000, 0x4e67aabf, 0x0, r6}, 0x10)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000003c0)={0x0, 0xaf})

08:35:23 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x7a000000)

08:35:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00')
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000240)=0x7fffffff)
sendmsg$FOU_CMD_GET(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100188}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r3, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e22}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x62}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x5e}]}, 0x38}}, 0x4040000)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  385.152894] audit: type=1326 audit(1534494923.379:192): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13982 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:23 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:23 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = dup3(r0, r1, 0x648603dec58a65f6)
ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0x4)
getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, &(0x7f0000000100)={'NETMAP\x00'}, &(0x7f0000000140)=0x1e)
ioctl$EVIOCGVERSION(r2, 0x80044501, &(0x7f00000001c0)=""/165)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:23 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:23 executing program 1:
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x140)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000100)=[@in={0x2, 0x4e23, @remote}], 0x10)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:23 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xaf88, 0x101000)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:24 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  385.920507] audit: type=1326 audit(1534494924.175:193): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=13982 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:24 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x68)

08:35:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x101000)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff})
r2 = getuid()
r3 = getgid()
chown(&(0x7f0000000180)='./file0\x00', r2, r3)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000100))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x4f7, 0xfd8a, 0x7, 0x461a, 0xc6, 0x2, 0x1, 0x6, 0x9, 0x77, 0xffffffffffffff1a, 0x655})
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0)

08:35:24 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480), 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  386.174056] audit: type=1326 audit(1534494924.428:194): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14044 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
getsockopt$nfc_llcp(r2, 0x118, 0x1, &(0x7f0000000100)=""/142, 0x8e)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
vmsplice(r2, &(0x7f00000002c0)=[{&(0x7f00000001c0)="8b145ce48129e07f3a11e6891f459c9b930a8a255eccb3e92f3a6206c4a80c9181e1793a6e0c1f8d48a7736d427a979b2f92c2aa19e882d0ddb979873e91a2f03c070db00b3c6a33458df5d7103eac732875873cf87e887a1d3dbc45e97c4dd26181880c7dacdc28453d649e6411f5f28778e60e922bc675f4df9db2ef0c688f18dff346a72c68771f682bb535c661bab741961ddda4a3f9ffe06f2965408b156b5772405371e22d923ec2f18ac91e57a4af4237cf5ce9db4ee1296fb301369b5a5548f36c4e7774a1996a5f32ffa64f014d4233e45e1f294af4bff4aeb70f8e1f5adc86bac598f8b9ae1e2a1a930a406f20b873c4ff943e49", 0xf9}], 0x1, 0x4)

08:35:24 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x20000, 0x0)
bind$nfc_llcp(r1, &(0x7f00000002c0)={0x27, 0x0, 0x0, 0x6, 0x8, 0x8, "9e1d18f548e80ebe8f9e8fb594aec386c67104f4088eac578604b1b8092b67f4e8649fd93638fdb0266ea7be55bf42a0ba3dd0ed95af13014dd3285ef9adec", 0x6}, 0x60)
r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x101080)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={<r3=>0x0, @in6={{0xa, 0x4e21, 0x7, @loopback, 0x5e2}}, [0x6, 0x3, 0xfffffffffffffc77, 0x3, 0x18, 0x6, 0x1ff, 0x8933, 0xffffffff, 0x6, 0xc37, 0x4, 0x8, 0x5, 0x400]}, &(0x7f0000000200)=0x100)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000240)={r3, 0x8}, 0x8)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
write$FUSE_NOTIFY_POLL(r2, &(0x7f0000000340)={0x18, 0x1, 0x0, {0x1}}, 0x18)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000380)={r3, 0x7}, &(0x7f00000003c0)=0x8)
r4 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:24 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x101100)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000000)={0x2, 0x1ff, 0xffffffffffff0a03, 0x69db, 0x69, 0x6})
ioctl$TIOCCBRK(r1, 0x5428)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
fchmod(r1, 0x10)

08:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f00000002c0))
r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x6, 0x200)
setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x4e23, @multicast1}, 0x10)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:25 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000000)=0x1)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000100))
ioctl$TCSETSW(r0, 0x5441, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401})

08:35:25 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  386.962954] audit: type=1326 audit(1534494925.217:195): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14044 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:25 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x6)

08:35:25 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
r3 = accept$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000100)=0x1c)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x11)
ioctl$RTC_PIE_OFF(r2, 0x7006)
getsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000002e40)=0x8, &(0x7f0000002e80)=0x2)
ioctl$sock_SIOCGIFCONF(r4, 0x8910, &(0x7f0000000200)=@req={0x28, &(0x7f00000001c0)={'erspan0\x00', @ifru_flags=0x9000}})
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000240)={<r5=>0x0, 0x80000001}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000002c0)={r5, 0x1ff}, 0x8)
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000140)={0x5, 0x4, 0x3f, 0x81, 0x800})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:25 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  387.129721] audit: type=1326 audit(1534494925.384:196): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14103 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:25 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x4, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000200)={0x5, 0x8000000000000000, 0x6c1, 0x9, 0x8})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000240))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))
ioctl$KDGKBENT(r1, 0x4b46, &(0x7f0000000080)={0x9, 0x2, 0x1})
r2 = memfd_create(&(0x7f0000000100)="ab706f7369785f61636c5f61636365737300", 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000140)=""/150)

08:35:25 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)

08:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4c, 0x8c000)
accept4$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000180)={{{@in=@multicast2, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast1}, 0x0, @in=@rand_addr}}, &(0x7f0000000280)=0xe8)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@multicast1, 0x4e21, 0x4, 0x4e21, 0x82b7, 0x0, 0x20, 0xa0, 0x21, r2, r3}, {0x1f, 0x4, 0xffffffffffffffff, 0x265d, 0xfffffffffffffffe, 0xc7, 0x5, 0x5090}, {0x5, 0x6d7, 0x8, 0x1ff}, 0x7, 0x6e6bbf, 0x1, 0x1, 0x3, 0x3}, {{@in=@rand_addr=0x200, 0x4d3, 0x3c}, 0x2, @in, 0x3503, 0x0, 0x1, 0x100, 0x8, 0x85a, 0x7fffffff}}, 0xe8)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r4 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5437, &(0x7f0000000080))
bind$llc(r1, &(0x7f00000003c0)={0x1a, 0x30b, 0x2, 0x3, 0x6, 0x8, @link_local}, 0x10)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:25 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:25 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:26 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  387.918200] audit: type=1326 audit(1534494926.173:197): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14103 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:26 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x3f000000)

08:35:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x6})
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x400, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000100)=ANY=[@ANYBLOB="60fd4b07f500"])
r2 = syz_open_pts(r0, 0x0)
ioctl$TIOCCONS(r0, 0x541d)
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:26 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  388.184152] audit: type=1326 audit(1534494926.439:198): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14163 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:26 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
getresgid(&(0x7f0000000100), &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000180))
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, <r3=>0x0}, &(0x7f00000002c0)=0xc)
r4 = getegid()
setgroups(0x5, &(0x7f0000000300)=[0x0, r1, r2, r3, r4])
r5 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r5, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:26 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)

08:35:26 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x900, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000100)={{0x3ff, 0x100000000}, 'port1\x00', 0x92, 0x20000, 0x6, 0x9, 0xa9, 0x9, 0xfc, 0x0, 0x4, 0x7})

08:35:26 executing program 3:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:26 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  388.717585] pts pts0: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  388.737815] pts pts1: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  388.974743] audit: type=1326 audit(1534494927.229:199): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14163 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:27 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x500000000000000)

08:35:27 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x900, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000100)={{0x3ff, 0x100000000}, 'port1\x00', 0x92, 0x20000, 0x6, 0x9, 0xa9, 0x9, 0xfc, 0x0, 0x4, 0x7})

08:35:27 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  389.164812] pts pts4: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  389.199054] audit: type=1326 audit(1534494927.452:200): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14225 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:27 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)

08:35:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x900, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000100)={{0x3ff, 0x100000000}, 'port1\x00', 0x92, 0x20000, 0x6, 0x9, 0xa9, 0x9, 0xfc, 0x0, 0x4, 0x7})

08:35:27 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x101002, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000140)=0x73)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r2, 0x80045530, &(0x7f0000000100)=""/51)
syz_open_pts(r0, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:27 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  389.406536] pts pts3: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:27 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:27 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0xca000000)

08:35:28 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x900, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000100)={{0x3ff, 0x100000000}, 'port1\x00', 0x92, 0x20000, 0x6, 0x9, 0xa9, 0x9, 0xfc, 0x0, 0x4, 0x7})

08:35:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x40000, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2)
r3 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r3, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x58400, 0x0)
ioctl$RTC_ALM_READ(r4, 0x80247008, &(0x7f0000000240))

08:35:28 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  389.969119] audit: type=1326 audit(1534494928.224:201): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14225 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  390.062376] pts pts5: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  390.064692] audit: type=1326 audit(1534494928.318:202): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14270 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:28 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x900, 0x0)

08:35:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000000))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:28 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)

08:35:28 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  390.281809] pts pts6: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:28 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)

08:35:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
dup2(r0, r1)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:28 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:28 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  390.495219] pts pts7: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:29 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x4c)

08:35:29 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000001c0))
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x200, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000000))
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x10080, 0x0)
write$FUSE_IOCTL(r2, &(0x7f0000000180)={0x20, 0x0, 0x4, {0x18b6, 0x4, 0x1}}, 0x20)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

08:35:29 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:29 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)

08:35:29 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:29 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
symlinkat(&(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00')

[  390.998997] kauditd_printk_skb: 1 callbacks suppressed
[  390.999011] audit: type=1326 audit(1534494929.253:204): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14335 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:29 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:29 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCEXCL(r0, 0x540c)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:29 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$KDDELIO(r0, 0x4b35, 0x3)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  391.459891] pts pts8: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  391.772266] audit: type=1326 audit(1534494930.027:205): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14335 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:30 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x600000000000000)

08:35:30 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)

08:35:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000100)=0x1)
creat(&(0x7f0000000000)='./file0\x00', 0xa0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f00000001c0))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  391.947370] audit: type=1326 audit(1534494930.202:206): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14377 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x4})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:30 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x4800000000000000)

08:35:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0)
ioctl$RTC_UIE_OFF(r2, 0x7004)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:31 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  392.733789] audit: type=1326 audit(1534494930.987:207): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14377 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:31 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  392.850553] audit: type=1326 audit(1534494931.104:208): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14436 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:31 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)

08:35:31 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x8000, 0x0, 0x0, 0x0, 0x32f494f8, 0x0, 0x2, 0x0, 0x2, 0x3fff8, 0x20000020000000, 0xfffffffffffffffd})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
getpeername$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000240)=0x14)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x4800)
recvfrom$unix(r2, &(0x7f0000000100)=""/215, 0xd7, 0x40002100, 0x0, 0x0)

08:35:31 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)

08:35:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:31 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x1000000000000000)

08:35:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
syz_open_pts(r0, 0x40)

08:35:31 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f0000000280), 0x4)

08:35:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:31 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:31 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  393.618273] audit: type=1326 audit(1534494931.873:209): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14436 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  393.703989] audit: type=1326 audit(1534494931.959:210): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14493 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:32 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 3:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0xffffffffffffffff, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 3:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x3000000)

08:35:32 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 3:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:32 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  394.487685] audit: type=1326 audit(1534494932.742:211): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14493 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:32 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  394.594941] audit: type=1326 audit(1534494932.849:212): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14549 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x8)
setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000100)='tls\x00', 0x4)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:32 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 0:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x400, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000011c0)={<r1=>0x0, @in={{0x2, 0x4e24, @remote}}, 0x200, 0x7}, &(0x7f0000001280)=0x90)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000012c0)={r1, 0x0, 0x20, 0x2, 0x4}, &(0x7f0000001300)=0x18)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x80, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc))
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000180)={0x1000, 0x100000001, 0x3, "d9af8d8b16ea72b25a44b7dcda60c6ae83f05caa41a55a3706bd1a28ede5af3aaf13fe7c136a5447f11ab1dad83a079f9e4b63a9ed63870c660b39a231ada281137ee16721239348a1e286e411b5b42295ed9b49869cf1617f4e29971da3868e75725c51e31ec7f5362e97b199214ca2111fbf6f5f956a2784a2a3a10b438af4c3ab613c5da95964e1d24c545f8bb0c395311f085ba7d146086715935f720451201568807d66627d48d6cfe1294e3190966244b13295d649f79c8de7d7a672248c5b8f6970d24889aba7443b72daeea063e0bba8176ec17dd848e5f9211db17f39cbbc1a4e627719203c5754362d0c5904a95df4ac2682147bc773e851eb780886edc9378dd934189d92c9bb863c6a985be7bd4911bede3da03fbbeca3586b1bff5e108b4aeb0c76a96e079edc68d4557e308b38d6c84fb90544036994f5927ef58064f214824b4d5dbcaa2662a686191ac09302a323c6719ce23e0046649b7d066c7ac99f210801b6b2fabc55841f1a1b9d3301f1c2426803283cfa22dcc8a4afae7347c243faf9082a9b7166905592198412c0322dca4f75a579c333fa17b9273c7d61f4f987219a17645487a539759f9f21c15106aa16a4678300f9f662aaa720f4f90a75db289d0e54ed8b4b83f24b6258c09d886d08f37f7002022bd8bb2e5784994ba1fbc6e3a711888425ca0014f41765830778110d3dac6ad871363a4150a797c44529e8e87239e55af98efad2069773c4ff8f921178f97a8650e9b1aac22563f6d7c61a22fddbae09377820ef0850b9a8aeb027ce578da8842455354d69bc7793e2b87f76a66472f62a615c26ed605af7c525bf92b0740c2f6ee260c9a84baaec16d520b554bf18600d121f6d6316bb6ff9580fbfd1dae8a205bfcf2d1919466b46093382b40215342a7c67f0135860ab4a4f610441cdcd1f08126910faec33e3c5756c31fb8a8a78e81dada7c28504fee65a0770c4ae82f70d33aee7fcf004e018fce0453c181d22469874c9678f548e759c60cb41b060311640479dad9fb569f7ed4fdb40d4cf8db2ee6eed4e5fe0401de8042ef83a70fb8976eb157d7595cce685c1e8dd1ed5b80a02cd9d8502d92d9b8e2184765a118ccd1e1b56617008450d883b3956b46b5574f14d92666a3cd1b8549f6208f6fccbbbb6b2ecac239f1b1fc7d16426abc3d5917e5adfaa5d689e15f73446e98fb65d6f32e74aef25ed342bdec2525c6cfa489a063e4786f25d68ca53766070416271cc28127e7eee61a77c6f017ec76fb751775a3dffb852f00ebaff0f78851d960ac7a871e855056de3f698ac1daf672f73a6222d29a4fc9057a937124e6ffcd1ef14652419218c242507e811b96a81040617284e4c1afde2c72280000881363afaebea47233daf5297896ea48b66b217f187a959ccb06ed2e2344662f5540308caa56c15aa6aaf54d9c73e831b924cc21534ff168b373fc69c76fc2a286cde18cb1bb4a9ed927f0d4f09c42c2fd964e65d0fbf6a7eae210e90b3157bbba958b6972d3020a416ffb6decd7f374674907b2296bbcaa60411a6a79431d50e109084350cccbfaa864222aec7fedfa780cfe9afec6a04eee263eaecc3bdf03a4bd6f24b324cb1006deae8342fe575733b1f4a9ae9ec181ace37970f58a43e580b6ff4dca6aca8a7bc30e5d3c63976b5ddf714c06b24ce5f48affc3308b62a5d92bb979d5606ecd6754ee9a62ccaec670e885dde0133d38730dcfb1e7e16a7e294532309c6e6556866606828d05602b40a966b647652da5a7b9e5a9ce6eb73e55833d22004f0ba54b8e4519858a1775e7fde7bf0e85213d8306fae3a34cfaf47ca1444d048e3e6127c3c1fdf985641664089005e638f7e117ce60e82eb698f6ee03a95fc9d575d171e638b057e02f1bb9079e669869c1d6e03f740d3c6d1ad2f81e48b059982d0481c99dd8c2d551ab32de6488e37d96a45ad6070be3de8835601925bb7ce07c0655feaa8f775fff746eeb72b673d7fde186baabba189ce487e6a38ea05509cd9c43e6e52b6d729086504cf45865a018b530524cefacafa805f45935483f2536ebe8436e32811cb0886c98d0432a4944e73c8d2b7b4f9a22a5da870f9290713b251769184788d7f946e524ca59b6404e60ebb576f2328dfcf88d2a1a1330de73b2f60e88151349309234d87a7784331195e51483bfbcf6bf0e75b51cd90560c6c34645594b52345881ac9cf1b5bf8973001105e03425f985fc39d7b83ec49abb2bbc0cf7e97f190f4f620f72c1ca5f7230d85f046c04ce0f745bf98438bd59b46881e57d1071249ed3f7c43fac004b00d0887e2355489577d869146b26342e0c6fdc4baaf798269185dbae7ef6b7638866e876e7b5c0df0bba19ea54f59985d23f51822898920c015bc0ee65b81c11b42ddd6e416e7e8ad3719f5880451531aac129528d296f9aaa1002f2f4340eef74151226f22a7e60106545cbcd9367e5694bc5db107e6996f16667cf30be316202e81890da1dc1dccd89fde47284b470caba23ea02a355d9f95ac7fe7610c57dc4783df5d1b8a075ef19bdfe525fd7e2f078fad3aef67c6bbd2fe6fb830cfc429949c11607313cbcb281d6dedd8e1414d0097617987d499624d695a09dffa3e23062e5a1b6b658365754d2af318300d5f4bdbf1d7889f61c43f77233a892cdee87377f7cc9205d7c191b753c01343a4eac28a44a7c1ceaacabebd0f92a516f3c0f243e3d33d9be211d7f99750e38cc2d450a4d21373f95efeac4b1a850ed5f5b6cb26ed58f6505acef096a19aebf50491635f77b471433c026065003e163b2abe60597205e60f7f7c00a3928ae61148ae5da13cca6797a7dd48f40c882416b55c6e0066195290b5e1ed819f67f95b7fefe46cefdcc378052631dd6f23ce834cd25fb0c60d9bf530ddfeda3fd46b545fc69accbac2852d5510e5ba29e317c991cda2cf6265eee80af0197a6f69e237e3767b0a2e95d9019360397b6912883ce5275cbceed19cb0b468ea200bfb3cede27a526616dc6ca0f88c89c3d4d16b5b6127be9c242cd3580a51ab9ac8f1cbdf394a1dd8cc8c81b64a60db5b876e1c0bdbd5ecd3e948e921660a8e5b38937eeec2a67bb213616b2e2bd708f8f0c36d8983e5e1d59519d4c0da56436be45e11e4703c3ee97ebe60099a480d6cda9b5bf0a51299ea41ac08fa9ab989f1abb2a2581cf1bb2414227f687998d9ba8a82f55d4acf1ce40fb8277488627ee79a5be1bc73d8528723efa27351cb9efc67fae8ba77c2ccbb5105c3ac263d3f27657375229df8e4f5d899a4949fd2de2e098214594ba117bd3bdd6a6b2f5b644277021a952026890081694b87582157956d7a4df85711f70417cf71f6ce6c0018c2925ecf4990ca9b5c1906fa4f4a1569076c0793c929fd31c3326674ffe92868a9faceea8a69b66cd713949914dd4f1b53f8c18f09cde72e38409f4d81727d49485f505d59dc6c4e4c711c8383b473e865188dbd11c8d4d6cd7fc7ee94a12433eb08f47ae9cfc0d3ac1eb8358419ce67a66e8af0cce4b336b511c337cb2b00612deedf00da689cde92037bb3c55877998450c995180e359ff751bd627a5191710b6e0eb7319a74eff883b2857335ae996ca830d6733fff3fdf193ffd4142623f9753efec4bda22436fc249ffaf86a240657baea0e1fd5257fbbea923119f7571b8f0945d07a8435488a3751249775071ca9b19d0f28f27ef19d3fa016946a2f6fc67d5cde73c7ee7e1db48771cff496f3b9115aba2a94190a8f80e37d84e24543d73c1675a64f6b8f4495fbc84e4a4514cc0c460b72d3918d1c5fc9e8a2d57bf843530a40585d816c4114233aebbede65cd19c3585b6985a1fe821d0ec6ed47fe3a2066f37642febb2391fbf7a1d64f904576455a1a86ce5ff7f77c3872fb49659714dc33aeabc80c337c70e97a78787d049fabad5c73b85267b24e1bd53b4b02c023e8b3b94c048016280e8398249813578f8929c13700908cc438cdcb7a093f77d8da112b1287dfd3f22d9454faf3cdbf34395fee5c563f077bde3b939784ef307d4cb919c2266797a2723bbea5a00f3ad4ddf2c248d530caf17fd75c75eeaccac588ca944164adfbc464ccd07430af0e5214d90b4f8d0eca4886eb45c26aee2b1b4b3a4879f1a2a4d8cad0ab77c2ed752cc0d08722131955fb48f18e9271b536756e486402dba821d4d54c0e1c2c539d22d88b6fd8af0e63507109faed3b079baa0e6c64f51f57326e3711a01d7dcebeb36cf993596f31d18ae1fa9a2860df3d341eebf571443f894198ba0d74a078f1a0157912219f5c06385488114f0d0e621a75496421587f642ffa895313c1ac8bac050530f6a8ec7c851148a5eb5358a29f2e1625de61c28c102c8a6aa1f4701826d5985c6e8de8fc177ee0545b1dc2abaf31efd9bc357676b2a823c30d2fc9fbc9cecd9c73c1ab737dca1744c5c656e02657f79a01386d6bf348b332361cb93fc82cbcca884f5631fb9888e2f47db5de0d26d28b2f8679335a437f5579c8c2a915195b1f6df9ad9d4709e4d8028341f6bb0d4b64bc6a9d50a71fd06685af1b66d374973ad30478d7d1fb69b62d8bf2d0f9f15c535e46bcc2ead2410e81e0f428e66438f08e0f9ed825dbbc03f55154fad5290348fed8a3c7dd532044df4d2ceb734f91cf870e609f433a3b8f896cf3cc0bf07dc6a39dd07039633036ffb4da183572c0a2e9d34701813eb166ab020bcce29f7b482fb1dc8e788cb32ee58ba8cee7f9389cf42e59c9f858af75a4179b94f46a8444246ac1656cf0e958ccc81262574c9e53920e9d38c4de7d6f1e0ffffde47d8819a103d7d38201624bece91dd66950292e9aa1c531a4b1143d4b75949209d957df426813586f8ffd73d6b22cea176d052ee16e8de50195d706da68f93fe5ce232d45c591500f72c88a8801ce26c4addf8449ed358ec08e6c56553269d0ef9e08e89f70f04d4c9ecbede6cc9a44e5c2fc9bd05d10f549d6180379601c0f7420acb2f230b47792f68723c6e2d681bba5b0255c182eaf10ced1b2b694839249cba3949b2f3035649f3857bbecfa169497504675b1f130f1335e2d620740842691d7c5b24115a53892eecee469c0bf39ec32d4b7618357606316eb8fc4b8ecedd3eeb9e123b7ab52a25614261d194baa7d8cb5d38070f9b9e5123865cb3a2cd790b0cfac1172cd335e319120ba9b9bf2e9be8ec29d806ce4daa75d9f459bbd048f75f7806d3dd56e2f1bb621bb9dbb77a235c65d3b543ac75fe44881a96ddc2bf746c16467d5409d3568e436a454b30eb36aa6fef1490f2a26c79e50eef1f48ecc47d0bcb75928d783b0a2730e72320dac589127f5b2fbe5d581b05bacaa976bb84e1c1249807b48c92b91cc3c192118df400aac9fddfb7177de89b718e9819f071a7c9ff968d5bef1255761c1fb5716e0f686a914071220de5555d3bebde407f0eaae9d2274ec033241d00e663036e85f9265c551193b80e496e420495495e83d2521ad6b2950aa90a7f638bcb03c2c7f9375b841c2fad59e31ef7129d9153c28442053a3f0ba5cfa2c01ed3fe36f9fa833aa92f312f40be4c4dc932c878e3b7e31de309f1bf8e9a7f99cd9481483a63d2c6a25ea27262e0da4bfcdcd5082160bf66a311e90b13ba0a8b110a40bb528ca5ad8d001909a2f1a9476f426a2392096cd1baad6c4db009c62a4777ec56b44a7eae28271e90de9ebb0fc2807a08c1b657bab094b4e227bd35958728886c20470e73f7aa03e92111fd005fab57bfeff4c0c95d03"})
r4 = syz_open_pts(r3, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r3, 0x5441, &(0x7f00000000c0))
ioctl$PIO_FONT(r2, 0x4b61, &(0x7f0000000140)="931fb5d408f1a81d64c41a58ad1ea0e648ed60f7eb8bec5a0cf030bc")

08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  394.859400] Unknown ioctl 1
[  394.874375] Unknown ioctl 19297
[  394.895598] Unknown ioctl 1
[  394.918081] Unknown ioctl 19297
08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040)={0x20f6})
socket$nl_route(0x10, 0x3, 0x0)

08:35:33 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x600, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  395.367385] audit: type=1326 audit(1534494933.622:213): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14549 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)={<r3=>0x0, 0xab, "3a94653dbb16a6e52e93fb3f68c6c009389618234f25794e70d9ddd8589d88411dadce7090b0f92c1c9eab2184aa64dd91e8c4ad0d345d98a06fa42ded3e850abb5319fc29522df159fa92b33b9a5b7ea01fa132bc9eaba9f7b5fb057473d05a1e2b7b5b3183e512bc8d66d760572602bdaf1d064b2b94b325b975fe0dbd77a0416ba5f788aa269e2fb87294d1a0445d863458d79ce7a874f480bc30e5fbd14cdca991c0db0875db0e19bb"}, &(0x7f00000001c0)=0xb3)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000200)={r3, 0x73, "9329d27e8dd056f6c05109f048c296097edbcf1f7594b8e73a79fbf2474854a340091cf86b0887a175615027a92b1b93b54d3a530861365eb0e56bd42bc0aa805ef63d9ac9a6f486e973b0bdc4720e8143f9b25f43964ac6993ed3346f4d429403ddee3f29ae9c3fe9f8ff0446914a11d13f6c"}, &(0x7f0000000280)=0x7b)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:33 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x5, 0x662, 0x80000001, 0x200}, {0x80, 0x0, 0x5, 0x3ff}, {0xbd, 0x8001, 0x1, 0x10a}, {0x7, 0x66f, 0x0, 0x2}, {0x3dd, 0x9, 0x8, 0x9}]})
fdatasync(r0)
socket$nl_route(0x10, 0x3, 0x0)

08:35:34 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:34 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x2})
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:34 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  396.234566] kauditd_printk_skb: 1 callbacks suppressed
[  396.234577] audit: type=1326 audit(1534494934.489:215): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14604 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:34 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  396.341291] audit: type=1326 audit(1534494934.596:216): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14654 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:34 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:34 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:34 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:34 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000280)='ns/pid_for_children\x00')
prctl$seccomp(0x16, 0x2000000000, &(0x7f0000000000)={0x200000000000026e, &(0x7f00000000c0)=[{0xf1e, 0x1, 0x6, 0x7ffffffc}]})
socket$nl_route(0x10, 0x3, 0x0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000100)=0x10, 0x80800)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e20}, 0x10)

08:35:35 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:35 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  397.112190] audit: type=1326 audit(1534494935.366:217): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14654 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:35 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000001c0)={0x81, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:35 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x5, &(0x7f0000000040)={0x25a})
socket$nl_route(0x10, 0x3, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)

08:35:35 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x7, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:35 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:35 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x40000000000001, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0xfffffffffffffeac, 0x7d, 0x3, 0x7fff}, {0x2, 0x10001, 0x3, 0x57}, {0x3, 0x3, 0xfffffffffffff801, 0x6}, {0x3, 0x1c0000000002, 0x746, 0x6}, {0x0, 0x9, 0x6, 0x6}]})
socket$nl_route(0x10, 0x3, 0x0)

08:35:35 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  397.504189] pts pts9: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:35 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:35 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000080)={0x6, &(0x7f00000000c0)=[{0x1, 0x1ff, 0x2, 0x6}, {0xfffffffffffffffc, 0xc176, 0x5, 0xfffffffffffffff7}, {0x8dc5, 0xfff, 0x7fffffff, 0x800}, {0x7, 0x63, 0x4, 0x40}, {0x0, 0x9, 0x5, 0xa467}, {0x238e122f, 0x5, 0x4, 0xffa}]})
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000140), 0x4)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'bpq0\x00', {0x2, 0x4e22, @remote}})
socket$nl_route(0x10, 0x3, 0x0)

08:35:35 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  397.689318] audit: type=1326 audit(1534494935.944:218): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14742 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:36 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  397.733813] pts pts10: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:36 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  398.078537] pts pts11: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:36 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f0000000280), 0x4)

08:35:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:36 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:36 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  398.480443] audit: type=1326 audit(1534494936.735:219): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14742 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:36 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:36 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x4000, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={<r1=>0x0, @in={{0x2, 0x4e24, @rand_addr=0x6}}, 0x3, 0x5}, &(0x7f0000000140)=0x90)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r1, 0x0, 0x5}, 0xc)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000280)={0x2, &(0x7f00000001c0)=[{0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @random}]})
socket$nl_route(0x10, 0x3, 0x0)

[  398.660483] audit: type=1326 audit(1534494936.915:220): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14793 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x99, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:36 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:37 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f0000000280), 0x4)

[  398.826213] pts pts12: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x11dde4c9, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:37 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f0000000280), 0x4)

08:35:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x9, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  398.978113] pts pts13: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  399.106363] pts pts14: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:37 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040))
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000012000/0x4000)=nil, 0x4000}, 0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

08:35:37 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:37 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:37 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0xfffffffffffffbfc, 0x0)
getcwd(&(0x7f0000001800)=""/11, 0xb)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x3000, 0x5000})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x800, 0x1f}, &(0x7f0000000180)=0x14)
clock_gettime(0xfffffffffffffffe, &(0x7f0000000100))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/93)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="000002000000010146955f9356cf2339983ec994b60b251b593a627099f3c0d264f63eb5a59cb9f5f345e4bba161aeb6ba2fb2ce0daa913d10621f19055ff1deb5627d7e97d00f1a48460a39913b6f856fbf90284e58889dc333884d4e4c44f6a01106385ee3cbc7d0c4a76146928f"], 0xc)
getegid()
ioctl$FICLONE(r0, 0x40049409, r1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r2)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f0000000280), 0x4)
setsockopt$inet6_MRT6_ADD_MFC(r5, 0x29, 0xc9, &(0x7f0000000180)={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, {0xa, 0x0, 0x0, @remote}}, 0x5c)

08:35:37 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  399.290121] pts pts15: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x331})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:37 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  399.444221] audit: type=1326 audit(1534494937.697:221): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14793 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:37 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040)={0x21c1})
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000080)={[0xf801, 0x80, 0x9, 0x100000001, 0x5, 0x4, 0x79e1, 0x4480, 0x7, 0xffff, 0xa7, 0x3, 0x1e, 0x8, 0x7f, 0xfff], 0x13004, 0x400})

08:35:37 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  399.521289] pts pts16: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:37 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  399.600561] audit: type=1326 audit(1534494937.855:222): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14842 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:38 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  399.770633] pts pts17: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:38 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:38 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:38 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(0xffffffffffffffff, 0x5441, &(0x7f00000000c0))

08:35:38 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:38 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:38 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:38 executing program 0 (fault-call:13 fault-nth:0):
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  400.381661] audit: type=1326 audit(1534494938.636:223): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14842 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  400.456149] FAULT_INJECTION: forcing a failure.
[  400.456149] name failslab, interval 1, probability 0, space 0, times 0
[  400.468094] CPU: 0 PID: 14878 Comm: syz-executor0 Not tainted 4.18.0-next-20180817+ #42
[  400.476254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  400.485609] Call Trace:
[  400.488226]  dump_stack+0x1c9/0x2b4
[  400.491872]  ? dump_stack_print_info.cold.2+0x52/0x52
[  400.497079]  ? check_noncircular+0x20/0x20
[  400.501342]  should_fail.cold.4+0xa/0x11
[  400.505413]  ? print_usage_bug+0xc0/0xc0
[  400.509495]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  400.514611]  ? lock_downgrade+0x8f0/0x8f0
[  400.518767]  ? print_usage_bug+0xc0/0xc0
[  400.522841]  ? print_usage_bug+0xc0/0xc0
[  400.526921]  ? graph_lock+0x170/0x170
[  400.530742]  ? find_held_lock+0x36/0x1c0
[  400.534818]  ? __lock_is_held+0xb5/0x140
[  400.538909]  ? check_same_owner+0x340/0x340
[  400.543243]  ? mark_held_locks+0x160/0x160
[  400.547493]  ? rcu_note_context_switch+0x680/0x680
[  400.552432]  ? print_usage_bug+0xc0/0xc0
[  400.556521]  __should_failslab+0x124/0x180
[  400.560768]  should_failslab+0x9/0x14
[  400.564594]  kmem_cache_alloc_node+0x256/0x720
[  400.569204]  ? print_usage_bug+0xc0/0xc0
[  400.573296]  __alloc_skb+0x119/0x770
[  400.577024]  ? skb_scrub_packet+0x490/0x490
[  400.581358]  ? lockdep_hardirqs_on+0x421/0x5c0
[  400.585954]  ? retint_kernel+0x10/0x10
[  400.589853]  ? trace_hardirqs_on_caller+0xc0/0x2b0
[  400.594801]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  400.599569]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  400.605043]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  400.609817]  sk_stream_alloc_skb+0x141/0x970
[  400.614248]  ? tcp_init_transfer+0x470/0x470
[  400.618668]  ? tcp_send_mss+0x1c0/0x2c0
[  400.622661]  ? write_comp_data+0xa/0x70
[  400.626680]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  400.631714]  tcp_sendmsg_locked+0xee8/0x3f20
[  400.636143]  ? lock_downgrade+0x8f0/0x8f0
[  400.640323]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  400.645091]  ? lockdep_hardirqs_on+0x421/0x5c0
[  400.649690]  ? tcp_sendpage+0x60/0x60
[  400.653514]  ? find_held_lock+0x36/0x1c0
[  400.657616]  ? mark_held_locks+0xc9/0x160
[  400.661824]  ? __local_bh_enable_ip+0x161/0x230
[  400.666518]  ? __local_bh_enable_ip+0x161/0x230
[  400.671211]  ? trace_hardirqs_on+0xbd/0x2c0
[  400.675539]  ? lock_release+0x9f0/0x9f0
[  400.679523]  ? lock_sock_nested+0xe7/0x120
[  400.683763]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  400.688889]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  400.693513]  ? kasan_check_write+0x14/0x20
[  400.697757]  ? lock_sock_nested+0x9f/0x120
[  400.702002]  ? __local_bh_enable_ip+0x161/0x230
[  400.706689]  tcp_sendmsg+0x2f/0x50
[  400.710244]  inet_sendmsg+0x1a1/0x690
[  400.714055]  ? ipip_gro_receive+0x100/0x100
[  400.718389]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  400.723936]  ? security_socket_sendmsg+0x94/0xc0
[  400.728709]  ? ipip_gro_receive+0x100/0x100
[  400.733035]  sock_sendmsg+0xd5/0x120
[  400.736760]  __sys_sendto+0x3d7/0x670
[  400.740573]  ? __ia32_sys_getpeername+0xb0/0xb0
[  400.745253]  ? wait_for_completion+0x8d0/0x8d0
[  400.749847]  ? __lock_is_held+0xb5/0x140
[  400.753933]  ? __sb_end_write+0xac/0xe0
[  400.757921]  ? fput+0x130/0x1a0
[  400.761220]  ? do_syscall_64+0x9a/0x820
[  400.765215]  ? do_syscall_64+0x9a/0x820
[  400.769209]  ? lockdep_hardirqs_on+0x421/0x5c0
[  400.773814]  ? trace_hardirqs_on+0xbd/0x2c0
[  400.778147]  ? __ia32_sys_read+0xb0/0xb0
[  400.782235]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.787606]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  400.792721]  __x64_sys_sendto+0xe1/0x1a0
[  400.796794]  do_syscall_64+0x1b9/0x820
[  400.800690]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  400.806062]  ? syscall_return_slowpath+0x5e0/0x5e0
[  400.811000]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  400.815851]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  400.820883]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  400.825909]  ? prepare_exit_to_usermode+0x291/0x3b0
[  400.830943]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  400.835799]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.840997] RIP: 0033:0x457089
08:35:39 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x0, &(0x7f0000000040)={0x0, &(0x7f0000000080)})
socket$nl_route(0x10, 0x3, 0x0)

[  400.844217] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  400.863121] RSP: 002b:00007f6696ec6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  400.870836] RAX: ffffffffffffffda RBX: 00007f6696ec76d4 RCX: 0000000000457089
[  400.878160] RDX: 000000000000ff6c RSI: 0000000020000000 RDI: 0000000000000003
[  400.885460] RBP: 00000000009300a0 R08: 00000000200000c0 R09: 0000000000000010
[  400.892851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
[  400.900124] R13: 00000000004d4178 R14: 00000000004c8b48 R15: 0000000000000000
08:35:39 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x80000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
socket$nl_route(0x10, 0x3, 0x0)

08:35:39 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:39 executing program 2 (fault-call:9 fault-nth:0):
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:39 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000000c0)="47504cba00", 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000000280)=""/4096, 0x1000)
keyctl$read(0xb, r0, &(0x7f0000001300)=""/4096, 0x1000)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0xc1, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000140)={<r2=>0x0, 0x100000000}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000012c0)={r2, 0xffffffffffffff00}, &(0x7f0000001280)=0x8)

[  401.182047] audit: type=1326 audit(1534494939.437:224): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14894 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  401.230781] FAULT_INJECTION: forcing a failure.
[  401.230781] name failslab, interval 1, probability 0, space 0, times 0
[  401.242203] CPU: 1 PID: 14892 Comm: syz-executor2 Not tainted 4.18.0-next-20180817+ #42
[  401.250363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  401.259729] Call Trace:
[  401.262335]  dump_stack+0x1c9/0x2b4
[  401.265995]  ? dump_stack_print_info.cold.2+0x52/0x52
[  401.271235]  should_fail.cold.4+0xa/0x11
[  401.275322]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  401.280460]  ? print_usage_bug+0xc0/0xc0
[  401.284560]  ? print_usage_bug+0xc0/0xc0
[  401.288651]  ? graph_lock+0x170/0x170
[  401.292489]  ? find_held_lock+0x36/0x1c0
[  401.296580]  ? __lock_is_held+0xb5/0x140
[  401.300683]  ? check_same_owner+0x340/0x340
[  401.305032]  ? rcu_note_context_switch+0x680/0x680
[  401.309996]  __should_failslab+0x124/0x180
[  401.314265]  should_failslab+0x9/0x14
[  401.318092]  kmem_cache_alloc+0x29c/0x710
[  401.322270]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
08:35:39 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:39 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  401.327838]  ? kvm_pfn_to_page+0x7a/0xa0
[  401.331934]  mmu_topup_memory_caches+0xf7/0x3a0
[  401.336656]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  401.342232]  ? kvm_apic_has_interrupt+0xe9/0x230
[  401.347078]  kvm_mmu_load+0x21/0x1260
[  401.350903]  ? kvm_apic_accept_pic_intr+0xef/0x1a0
[  401.355960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  401.361530]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  401.367098]  vcpu_enter_guest+0x3c8b/0x61a0
[  401.371450]  ? kasan_check_write+0x14/0x20
[  401.375720]  ? kvm_set_msr_common+0x2680/0x2680
[  401.380420]  ? perf_trace_lock+0x920/0x920
[  401.384685]  ? handle_dr+0x8c0/0x8c0
[  401.388422]  ? graph_lock+0x170/0x170
[  401.392272]  ? __lock_is_held+0xb5/0x140
[  401.396359]  ? lock_acquire+0x1e4/0x4f0
[  401.400358]  ? kvm_arch_vcpu_ioctl_run+0x234/0x16d0
[  401.405402]  ? lock_release+0x9f0/0x9f0
[  401.409400]  ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340
[  401.414693]  ? kvm_arch_dev_ioctl+0x610/0x610
[  401.419224]  ? preempt_notifier_dec+0x20/0x20
[  401.423759]  kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  401.428668]  ? kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  401.433685]  kvm_vcpu_ioctl+0x7b8/0x1280
[  401.437772]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  401.443520]  ? find_held_lock+0x36/0x1c0
[  401.447590]  ? lock_downgrade+0x8f0/0x8f0
[  401.451732]  ? kasan_check_read+0x11/0x20
[  401.455884]  ? rcu_is_watching+0x8c/0x150
[  401.460040]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  401.464723]  ? __fget+0x4d5/0x740
[  401.468205]  ? ksys_dup3+0x690/0x690
[  401.471923]  ? find_held_lock+0x36/0x1c0
[  401.476015]  ? kasan_check_write+0x14/0x20
[  401.480260]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  401.485216]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  401.490938]  do_vfs_ioctl+0x1de/0x1720
[  401.494832]  ? __lock_is_held+0xb5/0x140
[  401.498917]  ? ioctl_preallocate+0x300/0x300
[  401.503343]  ? __fget_light+0x2f7/0x440
[  401.507327]  ? fget_raw+0x20/0x20
[  401.510791]  ? __sb_end_write+0xac/0xe0
[  401.514777]  ? fput+0x130/0x1a0
[  401.518084]  ? do_syscall_64+0x9a/0x820
[  401.522065]  ? do_syscall_64+0x9a/0x820
[  401.526043]  ? lockdep_hardirqs_on+0x421/0x5c0
[  401.530645]  ? security_file_ioctl+0x94/0xc0
[  401.535063]  ksys_ioctl+0xa9/0xd0
[  401.538515]  __x64_sys_ioctl+0x73/0xb0
[  401.542413]  do_syscall_64+0x1b9/0x820
[  401.546307]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  401.551669]  ? syscall_return_slowpath+0x5e0/0x5e0
[  401.556592]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  401.561430]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  401.566442]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  401.571481]  ? prepare_exit_to_usermode+0x291/0x3b0
[  401.576535]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  401.581400]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.586600] RIP: 0033:0x457089
[  401.589796] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  401.608729] RSP: 002b:00007f54d058dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  401.616436] RAX: ffffffffffffffda RBX: 00007f54d058e6d4 RCX: 0000000000457089
[  401.623732] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  401.631000] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  401.638264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  401.645531] R13: 00000000004cedf0 R14: 00000000004c54c9 R15: 0000000000000000
08:35:39 executing program 2 (fault-call:9 fault-nth:1):
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:39 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:39 executing program 5:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:39 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:40 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  401.879322] FAULT_INJECTION: forcing a failure.
[  401.879322] name failslab, interval 1, probability 0, space 0, times 0
[  401.890617] CPU: 1 PID: 14915 Comm: syz-executor2 Not tainted 4.18.0-next-20180817+ #42
[  401.898773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  401.908133] Call Trace:
[  401.910758]  dump_stack+0x1c9/0x2b4
[  401.914412]  ? dump_stack_print_info.cold.2+0x52/0x52
[  401.919623]  ? __kernel_text_address+0xd/0x40
[  401.924143]  ? unwind_get_return_address+0x61/0xa0
[  401.929118]  should_fail.cold.4+0xa/0x11
[  401.933226]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  401.938355]  ? save_stack+0xa9/0xd0
[  401.942011]  ? kasan_kmalloc+0xc4/0xe0
[  401.945924]  ? kasan_slab_alloc+0x12/0x20
[  401.950102]  ? kmem_cache_alloc+0x12e/0x710
[  401.954453]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  401.959348]  ? kvm_mmu_load+0x21/0x1260
[  401.963350]  ? vcpu_enter_guest+0x3c8b/0x61a0
[  401.967866]  ? kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  401.972913]  ? graph_lock+0x170/0x170
[  401.976747]  ? do_syscall_64+0x1b9/0x820
[  401.980860]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.986260]  ? find_held_lock+0x36/0x1c0
[  401.990353]  ? __lock_is_held+0xb5/0x140
[  401.994454]  ? check_same_owner+0x340/0x340
[  401.998801]  ? rcu_note_context_switch+0x680/0x680
[  402.003776]  __should_failslab+0x124/0x180
[  402.008039]  should_failslab+0x9/0x14
[  402.011862]  kmem_cache_alloc+0x29c/0x710
[  402.016037]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  402.021600]  ? kvm_pfn_to_page+0x7a/0xa0
[  402.025705]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  402.030576]  mmu_topup_memory_caches+0xf7/0x3a0
[  402.035364]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  402.040931]  kvm_mmu_load+0x21/0x1260
[  402.044775]  ? kvm_apic_accept_pic_intr+0xef/0x1a0
[  402.049748]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  402.055314]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  402.055581] audit: type=1326 audit(1534494940.145:225): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14894 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  402.060875]  vcpu_enter_guest+0x3c8b/0x61a0
[  402.060905]  ? kasan_check_write+0x14/0x20
[  402.060931]  ? kvm_set_msr_common+0x2680/0x2680
[  402.060971]  ? perf_trace_lock+0x920/0x920
[  402.097852]  ? handle_dr+0x8c0/0x8c0
[  402.101591]  ? graph_lock+0x170/0x170
[  402.105426]  ? __lock_is_held+0xb5/0x140
[  402.109523]  ? lock_acquire+0x1e4/0x4f0
[  402.113515]  ? kvm_arch_vcpu_ioctl_run+0x234/0x16d0
[  402.118553]  ? lock_release+0x9f0/0x9f0
[  402.122540]  ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340
[  402.127838]  ? kvm_arch_dev_ioctl+0x610/0x610
[  402.132349]  ? preempt_notifier_dec+0x20/0x20
[  402.136874]  kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  402.141738]  ? kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  402.146787]  kvm_vcpu_ioctl+0x7b8/0x1280
[  402.150883]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  402.156612]  ? find_held_lock+0x36/0x1c0
[  402.160711]  ? lock_downgrade+0x8f0/0x8f0
[  402.164895]  ? kasan_check_read+0x11/0x20
[  402.169060]  ? rcu_is_watching+0x8c/0x150
[  402.173229]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  402.177928]  ? __fget+0x4d5/0x740
[  402.181411]  ? ksys_dup3+0x690/0x690
[  402.185137]  ? find_held_lock+0x36/0x1c0
[  402.189239]  ? kasan_check_write+0x14/0x20
[  402.193486]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  402.198438]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  402.204164]  do_vfs_ioctl+0x1de/0x1720
[  402.208083]  ? __lock_is_held+0xb5/0x140
[  402.212160]  ? ioctl_preallocate+0x300/0x300
[  402.216604]  ? __fget_light+0x2f7/0x440
[  402.220608]  ? fget_raw+0x20/0x20
[  402.224090]  ? __sb_end_write+0xac/0xe0
[  402.228084]  ? fput+0x130/0x1a0
[  402.231379]  ? do_syscall_64+0x9a/0x820
[  402.235367]  ? do_syscall_64+0x9a/0x820
[  402.239475]  ? lockdep_hardirqs_on+0x421/0x5c0
[  402.244075]  ? security_file_ioctl+0x94/0xc0
[  402.248505]  ksys_ioctl+0xa9/0xd0
[  402.251984]  __x64_sys_ioctl+0x73/0xb0
[  402.255894]  do_syscall_64+0x1b9/0x820
[  402.259791]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  402.265214]  ? syscall_return_slowpath+0x5e0/0x5e0
[  402.270162]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  402.275037]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  402.280068]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  402.285102]  ? prepare_exit_to_usermode+0x291/0x3b0
[  402.290141]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  402.295026]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  402.300225] RIP: 0033:0x457089
[  402.303431] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  402.322343] RSP: 002b:00007f54d058dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
08:35:40 executing program 3 (fault-call:5 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:40 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:40 executing program 4 (fault-call:12 fault-nth:0):
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:40 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  402.330065] RAX: ffffffffffffffda RBX: 00007f54d058e6d4 RCX: 0000000000457089
[  402.337503] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  402.344780] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  402.352075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  402.359356] R13: 00000000004cedf0 R14: 00000000004c54c9 R15: 0000000000000001
[  402.417511] FAULT_INJECTION: forcing a failure.
[  402.417511] name failslab, interval 1, probability 0, space 0, times 0
[  402.418662] FAULT_INJECTION: forcing a failure.
[  402.418662] name failslab, interval 1, probability 0, space 0, times 0
[  402.428887] CPU: 0 PID: 14928 Comm: syz-executor3 Not tainted 4.18.0-next-20180817+ #42
[  402.448211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  402.457568] Call Trace:
[  402.460165]  dump_stack+0x1c9/0x2b4
[  402.463828]  ? dump_stack_print_info.cold.2+0x52/0x52
[  402.469048]  should_fail.cold.4+0xa/0x11
[  402.473127]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  402.478255]  ? graph_lock+0x170/0x170
[  402.482072]  ? lock_downgrade+0x8f0/0x8f0
[  402.486242]  ? find_held_lock+0x36/0x1c0
[  402.490338]  ? check_same_owner+0x340/0x340
[  402.494676]  ? rcu_note_context_switch+0x680/0x680
[  402.499611]  ? lock_downgrade+0x8f0/0x8f0
[  402.503780]  __should_failslab+0x124/0x180
[  402.508075]  should_failslab+0x9/0x14
[  402.511886]  kmem_cache_alloc+0x29c/0x710
[  402.516049]  ? kasan_check_write+0x14/0x20
[  402.520295]  ? do_raw_spin_lock+0xc1/0x200
[  402.524551]  __alloc_file+0xac/0x400
[  402.528273]  ? file_free_rcu+0x90/0x90
[  402.532169]  ? shrink_dcache_sb+0x350/0x350
[  402.536521]  ? do_raw_spin_lock+0xc1/0x200
[  402.540781]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  402.546333]  ? devpts_mntget+0x2d9/0x460
[  402.550417]  alloc_empty_file+0x72/0x170
[  402.554500]  dentry_open+0x4b/0x180
[  402.558140]  ptm_open_peer+0x276/0x350
[  402.562058]  ? pty_unix98_install+0x9d0/0x9d0
[  402.566616]  ? lock_downgrade+0x8f0/0x8f0
[  402.570787]  tty_ioctl+0x254/0x1870
[  402.574433]  ? tty_vhangup+0x30/0x30
[  402.578166]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  402.582876]  ? __fget+0x4d5/0x740
[  402.586352]  ? ksys_dup3+0x690/0x690
[  402.590075]  ? find_held_lock+0x36/0x1c0
[  402.594152]  ? kasan_check_write+0x14/0x20
[  402.598417]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  402.603373]  ? tty_vhangup+0x30/0x30
[  402.607102]  do_vfs_ioctl+0x1de/0x1720
[  402.611001]  ? __lock_is_held+0xb5/0x140
[  402.615076]  ? ioctl_preallocate+0x300/0x300
[  402.619513]  ? __fget_light+0x2f7/0x440
[  402.623501]  ? fget_raw+0x20/0x20
[  402.626966]  ? __sb_end_write+0xac/0xe0
[  402.630955]  ? fput+0x130/0x1a0
[  402.634251]  ? do_syscall_64+0x9a/0x820
[  402.638236]  ? do_syscall_64+0x9a/0x820
[  402.642234]  ? lockdep_hardirqs_on+0x421/0x5c0
[  402.646843]  ? security_file_ioctl+0x94/0xc0
[  402.651271]  ksys_ioctl+0xa9/0xd0
[  402.654739]  __x64_sys_ioctl+0x73/0xb0
[  402.658639]  do_syscall_64+0x1b9/0x820
[  402.662534]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  402.668003]  ? syscall_return_slowpath+0x5e0/0x5e0
[  402.672950]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  402.677979]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  402.683008]  ? recalc_sigpending_tsk+0x180/0x180
[  402.687775]  ? kasan_check_write+0x14/0x20
[  402.692025]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  402.696888]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  402.702086] RIP: 0033:0x457089
[  402.705292] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  402.724216] RSP: 002b:00007f6881fbcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  402.731938] RAX: ffffffffffffffda RBX: 00007f6881fbd6d4 RCX: 0000000000457089
[  402.739215] RDX: 00000000200000c0 RSI: 0000000000005441 RDI: 0000000000000003
[  402.746490] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  402.753781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  402.761055] R13: 00000000004d03c8 R14: 00000000004c616b R15: 0000000000000000
[  402.768355] CPU: 1 PID: 14929 Comm: syz-executor4 Not tainted 4.18.0-next-20180817+ #42
[  402.776511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  402.785877] Call Trace:
[  402.788477]  dump_stack+0x1c9/0x2b4
[  402.792118]  ? dump_stack_print_info.cold.2+0x52/0x52
[  402.797317]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  402.802430]  ? check_noncircular+0x20/0x20
[  402.806681]  should_fail.cold.4+0xa/0x11
[  402.810746]  ? print_usage_bug+0xc0/0xc0
[  402.814847]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  402.819964]  ? do_raw_spin_lock+0xc1/0x200
[  402.824223]  ? print_usage_bug+0xc0/0xc0
[  402.828296]  ? print_usage_bug+0xc0/0xc0
[  402.832370]  ? graph_lock+0x170/0x170
[  402.836197]  ? find_held_lock+0x36/0x1c0
[  402.840276]  ? __lock_is_held+0xb5/0x140
[  402.844360]  ? check_same_owner+0x340/0x340
[  402.848690]  ? mark_held_locks+0x160/0x160
[  402.852936]  ? rcu_note_context_switch+0x680/0x680
[  402.857884]  __should_failslab+0x124/0x180
[  402.862130]  should_failslab+0x9/0x14
[  402.865934]  kmem_cache_alloc_node+0x256/0x720
[  402.870528]  ? print_usage_bug+0xc0/0xc0
[  402.874607]  __alloc_skb+0x119/0x770
[  402.878334]  ? skb_scrub_packet+0x490/0x490
[  402.882666]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  402.888225]  ? tcp_established_options+0x36b/0x5c0
[  402.893168]  ? tcp_select_initial_window+0x3b0/0x3b0
[  402.898293]  ? print_usage_bug+0xc0/0xc0
[  402.902374]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  402.907397]  ? tcp_current_mss+0x2ac/0x410
[  402.911641]  ? tcp_mtu_to_mss+0x4e0/0x4e0
[  402.915805]  sk_stream_alloc_skb+0x141/0x970
[  402.920226]  ? tcp_init_transfer+0x470/0x470
[  402.924644]  ? tcp_rate_check_app_limited+0x121/0x460
[  402.929841]  ? tcp_fastopen_reset_cipher.cold.14+0x47/0x47
[  402.935481]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  402.940509]  tcp_sendmsg_locked+0xee8/0x3f20
[  402.944940]  ? lock_downgrade+0x8f0/0x8f0
[  402.949113]  ? tcp_sendpage+0x60/0x60
[  402.952929]  ? __fget+0x4d5/0x740
[  402.956399]  ? find_held_lock+0x36/0x1c0
[  402.960472]  ? mark_held_locks+0xc9/0x160
[  402.964633]  ? __local_bh_enable_ip+0x161/0x230
[  402.969313]  ? __local_bh_enable_ip+0x161/0x230
[  402.973994]  ? trace_hardirqs_on+0xbd/0x2c0
[  402.978320]  ? lock_release+0x9f0/0x9f0
[  402.982302]  ? lock_sock_nested+0xe7/0x120
[  402.986543]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  402.991653]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  402.996249]  ? kasan_check_write+0x14/0x20
[  403.000491]  ? lock_sock_nested+0x9f/0x120
[  403.004735]  ? __local_bh_enable_ip+0x161/0x230
[  403.009418]  tcp_sendmsg+0x2f/0x50
[  403.012977]  inet_sendmsg+0x1a1/0x690
[  403.016787]  ? ipip_gro_receive+0x100/0x100
[  403.021120]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  403.026666]  ? security_socket_sendmsg+0x94/0xc0
[  403.031428]  ? ipip_gro_receive+0x100/0x100
[  403.035760]  sock_sendmsg+0xd5/0x120
[  403.039485]  __sys_sendto+0x3d7/0x670
[  403.043300]  ? __ia32_sys_getpeername+0xb0/0xb0
[  403.047984]  ? wait_for_completion+0x8d0/0x8d0
[  403.052580]  ? __lock_is_held+0xb5/0x140
[  403.056663]  ? __sb_end_write+0xac/0xe0
[  403.060650]  ? fput+0x130/0x1a0
[  403.063937]  ? do_syscall_64+0x9a/0x820
[  403.067925]  ? do_syscall_64+0x9a/0x820
[  403.071914]  ? lockdep_hardirqs_on+0x421/0x5c0
[  403.076510]  ? trace_hardirqs_on+0xbd/0x2c0
[  403.080841]  ? __ia32_sys_read+0xb0/0xb0
[  403.084917]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  403.090473]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.095857]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  403.100979]  __x64_sys_sendto+0xe1/0x1a0
[  403.105053]  do_syscall_64+0x1b9/0x820
[  403.108956]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  403.114333]  ? syscall_return_slowpath+0x5e0/0x5e0
[  403.119274]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  403.124128]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  403.129155]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  403.134214]  ? prepare_exit_to_usermode+0x291/0x3b0
[  403.139248]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  403.144105]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.149300] RIP: 0033:0x457089
[  403.152501] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  403.171406] RSP: 002b:00007f45bc2fdc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  403.179122] RAX: ffffffffffffffda RBX: 00007f45bc2fe6d4 RCX: 0000000000457089
[  403.186397] RDX: 000000000000ff6c RSI: 0000000020000000 RDI: 0000000000000003
[  403.193671] RBP: 00000000009300a0 R08: 00000000200000c0 R09: 0000000000000010
[  403.200950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
[  403.208225] R13: 00000000004d4178 R14: 00000000004c8b48 R15: 0000000000000000
08:35:41 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x46f5, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:41 executing program 5 (fault-call:9 fault-nth:0):
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:41 executing program 7:
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x7, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000180)={0x14004, 0x116000})
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp6\x00')
write$FUSE_BMAP(r1, &(0x7f00000002c0)={0x225, 0x0, 0x1, {0xfff}}, 0x8)
ioctl$LOOP_SET_CAPACITY(r1, 0x4c07)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
seccomp(0x0, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8, 0x7, 0x40, 0x101}, {0x81, 0xfffffffffffffeff, 0xfffffffffffffffc, 0x7}, {0x8, 0x3, 0x1}]})
socket$nl_route(0x10, 0x3, 0x0)

08:35:41 executing program 3 (fault-call:5 fault-nth:1):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:35:41 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:41 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  403.435647] FAULT_INJECTION: forcing a failure.
[  403.435647] name failslab, interval 1, probability 0, space 0, times 0
[  403.446991] CPU: 1 PID: 14945 Comm: syz-executor3 Not tainted 4.18.0-next-20180817+ #42
[  403.455148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  403.464531] Call Trace:
[  403.467667]  dump_stack+0x1c9/0x2b4
[  403.471328]  ? dump_stack_print_info.cold.2+0x52/0x52
[  403.476565]  should_fail.cold.4+0xa/0x11
[  403.480654]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  403.485782]  ? __lock_acquire+0x7fc/0x5020
[  403.490040]  ? kasan_check_read+0x11/0x20
[  403.494231]  ? rcu_is_watching+0x8c/0x150
[  403.498406]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  403.503109]  ? mark_held_locks+0x160/0x160
[  403.507370]  ? find_held_lock+0x36/0x1c0
[  403.511476]  ? check_same_owner+0x340/0x340
[  403.515817]  ? kasan_kmalloc+0xc4/0xe0
[  403.519730]  ? kasan_slab_alloc+0x12/0x20
[  403.523901]  ? kmem_cache_alloc+0x12e/0x710
[  403.528249]  ? rcu_note_context_switch+0x680/0x680
[  403.533227]  __should_failslab+0x124/0x180
[  403.537488]  should_failslab+0x9/0x14
[  403.541313]  kmem_cache_alloc_trace+0x2b5/0x730
[  403.546003]  ? m_show+0x5d0/0x5d0
[  403.549480]  ? lock_downgrade+0x8f0/0x8f0
[  403.553656]  tty_open+0x14b/0xb30
[  403.557135]  ? kasan_check_read+0x11/0x20
[  403.561335]  ? tty_init_dev+0x460/0x460
[  403.565335]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  403.570900]  ? refcount_inc_checked+0x29/0x70
[  403.575430]  ? tty_init_dev+0x460/0x460
[  403.579434]  chrdev_open+0x25a/0x770
[  403.583191]  ? kasan_check_read+0x11/0x20
[  403.587374]  ? cdev_put.part.0+0x50/0x50
[  403.591466]  ? errseq_sample+0xe5/0x130
[  403.595476]  do_dentry_open+0x49c/0x1140
[  403.599557]  ? do_raw_spin_lock+0xc1/0x200
[  403.603826]  ? cdev_put.part.0+0x50/0x50
[  403.607916]  ? chown_common+0x730/0x730
[  403.611922]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  403.616975]  ? percpu_counter_add_batch+0xf2/0x150
[  403.621938]  dentry_open+0x117/0x180
[  403.625688]  ptm_open_peer+0x276/0x350
[  403.629608]  ? pty_unix98_install+0x9d0/0x9d0
08:35:41 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  403.634122]  ? lock_downgrade+0x8f0/0x8f0
[  403.638292]  tty_ioctl+0x254/0x1870
[  403.641953]  ? tty_vhangup+0x30/0x30
[  403.645679]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  403.650374]  ? __fget+0x4d5/0x740
[  403.653845]  ? ksys_dup3+0x690/0x690
[  403.657576]  ? find_held_lock+0x36/0x1c0
[  403.661660]  ? kasan_check_write+0x14/0x20
[  403.665919]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  403.670978]  ? tty_vhangup+0x30/0x30
[  403.674716]  do_vfs_ioctl+0x1de/0x1720
[  403.678631]  ? __lock_is_held+0xb5/0x140
[  403.682715]  ? ioctl_preallocate+0x300/0x300
[  403.687147]  ? __fget_light+0x2f7/0x440
[  403.691163]  ? fget_raw+0x20/0x20
[  403.694657]  ? __sb_end_write+0xac/0xe0
[  403.698651]  ? fput+0x130/0x1a0
[  403.701961]  ? do_syscall_64+0x9a/0x820
[  403.705963]  ? do_syscall_64+0x9a/0x820
[  403.709964]  ? lockdep_hardirqs_on+0x421/0x5c0
[  403.714571]  ? security_file_ioctl+0x94/0xc0
[  403.719002]  ksys_ioctl+0xa9/0xd0
[  403.722481]  __x64_sys_ioctl+0x73/0xb0
[  403.726387]  do_syscall_64+0x1b9/0x820
[  403.730294]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  403.735679]  ? syscall_return_slowpath+0x5e0/0x5e0
[  403.740628]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  403.745665]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  403.750699]  ? recalc_sigpending_tsk+0x180/0x180
[  403.755479]  ? kasan_check_write+0x14/0x20
[  403.759737]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  403.764614]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.769818] RIP: 0033:0x457089
[  403.773032] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  403.790620] FAULT_INJECTION: forcing a failure.
[  403.790620] name failslab, interval 1, probability 0, space 0, times 0
[  403.792056] RSP: 002b:00007f6881fbcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  403.792074] RAX: ffffffffffffffda RBX: 00007f6881fbd6d4 RCX: 0000000000457089
[  403.792083] RDX: 00000000200000c0 RSI: 0000000000005441 RDI: 0000000000000003
[  403.792092] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  403.792101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  403.792111] R13: 00000000004d03c8 R14: 00000000004c616b R15: 0000000000000001
[  403.847891] CPU: 0 PID: 14941 Comm: syz-executor5 Not tainted 4.18.0-next-20180817+ #42
[  403.856051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  403.865422] Call Trace:
[  403.868038]  dump_stack+0x1c9/0x2b4
[  403.871694]  ? dump_stack_print_info.cold.2+0x52/0x52
[  403.876914]  should_fail.cold.4+0xa/0x11
[  403.881003]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  403.886135]  ? print_usage_bug+0xc0/0xc0
[  403.890238]  ? print_usage_bug+0xc0/0xc0
[  403.894322]  ? graph_lock+0x170/0x170
[  403.898151]  ? find_held_lock+0x36/0x1c0
[  403.902255]  ? __lock_is_held+0xb5/0x140
[  403.906354]  ? check_same_owner+0x340/0x340
[  403.910696]  ? rcu_note_context_switch+0x680/0x680
[  403.915675]  __should_failslab+0x124/0x180
[  403.919931]  should_failslab+0x9/0x14
[  403.923745]  kmem_cache_alloc+0x29c/0x710
[  403.927923]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  403.933486]  ? kvm_pfn_to_page+0x7a/0xa0
[  403.937569]  mmu_topup_memory_caches+0xf7/0x3a0
[  403.942250]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  403.947817]  ? kvm_apic_has_interrupt+0xe9/0x230
[  403.952600]  kvm_mmu_load+0x21/0x1260
[  403.956416]  ? kvm_apic_accept_pic_intr+0xef/0x1a0
[  403.961382]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  403.966936]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  403.972496]  vcpu_enter_guest+0x3c8b/0x61a0
[  403.976852]  ? kasan_check_write+0x14/0x20
[  403.981111]  ? kvm_set_msr_common+0x2680/0x2680
[  403.985802]  ? vmx_vcpu_load+0xad2/0xfe0
[  403.989887]  ? handle_dr+0x8c0/0x8c0
[  403.993616]  ? graph_lock+0x170/0x170
[  403.997425]  ? lock_downgrade+0x8f0/0x8f0
[  404.001624]  ? __lock_is_held+0xb5/0x140
[  404.005704]  ? lock_acquire+0x1e4/0x4f0
[  404.009693]  ? kvm_arch_vcpu_ioctl_run+0x234/0x16d0
[  404.014729]  ? lock_release+0x9f0/0x9f0
[  404.018713]  ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340
[  404.024007]  ? kvm_arch_dev_ioctl+0x610/0x610
[  404.028565]  ? preempt_notifier_dec+0x20/0x20
[  404.033091]  kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  404.037948]  ? kvm_arch_vcpu_ioctl_run+0x373/0x16d0
[  404.042998]  kvm_vcpu_ioctl+0x7b8/0x1280
[  404.047080]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  404.052808]  ? find_held_lock+0x36/0x1c0
[  404.056904]  ? lock_downgrade+0x8f0/0x8f0
[  404.061072]  ? kasan_check_read+0x11/0x20
[  404.065232]  ? rcu_is_watching+0x8c/0x150
[  404.069393]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  404.074088]  ? __fget+0x4d5/0x740
[  404.077564]  ? ksys_dup3+0x690/0x690
[  404.081288]  ? find_held_lock+0x36/0x1c0
[  404.085371]  ? kasan_check_write+0x14/0x20
[  404.089620]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  404.094571]  ? kvm_uevent_notify_change.part.32+0x440/0x440
[  404.100295]  do_vfs_ioctl+0x1de/0x1720
[  404.104210]  ? __lock_is_held+0xb5/0x140
[  404.108291]  ? ioctl_preallocate+0x300/0x300
[  404.112715]  ? __fget_light+0x2f7/0x440
[  404.116704]  ? fget_raw+0x20/0x20
[  404.120193]  ? __sb_end_write+0xac/0xe0
[  404.124202]  ? fput+0x130/0x1a0
[  404.127500]  ? do_syscall_64+0x9a/0x820
[  404.131500]  ? do_syscall_64+0x9a/0x820
[  404.135486]  ? lockdep_hardirqs_on+0x421/0x5c0
[  404.140087]  ? security_file_ioctl+0x94/0xc0
[  404.144516]  ksys_ioctl+0xa9/0xd0
[  404.147988]  __x64_sys_ioctl+0x73/0xb0
[  404.151892]  do_syscall_64+0x1b9/0x820
[  404.155797]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  404.161193]  ? syscall_return_slowpath+0x5e0/0x5e0
[  404.166140]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  404.171015]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  404.176044]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  404.181080]  ? prepare_exit_to_usermode+0x291/0x3b0
[  404.186115]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  404.190980]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  404.196194] RIP: 0033:0x457089
[  404.199401] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  404.218309] RSP: 002b:00007fca4b773c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  404.226030] RAX: ffffffffffffffda RBX: 00007fca4b7746d4 RCX: 0000000000457089
08:35:42 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:42 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)

[  404.233310] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  404.240588] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  404.247870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  404.255149] R13: 00000000004cedf0 R14: 00000000004c54c9 R15: 0000000000000000
[  404.267506] audit: type=1326 audit(1534494942.521:226): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14943 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:42 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x3138, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:42 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x4344, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:42 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:42 executing program 3 (fault-call:5 fault-nth:2):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  404.433212] audit: type=1326 audit(1534494942.688:227): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14943 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:42 executing program 7:
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb)
fstat(r1, &(0x7f0000000100))
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000180), &(0x7f00000001c0)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
r2 = getpgrp(0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x2, 0x3, 0x2, 0x2, 0x0, 0xdd, 0x200, 0x4, 0x3, 0x6e, 0x3, 0xff, 0xfffffffffffffffe, 0x6, 0x4, 0x45df692a, 0x6, 0x80000000, 0x8001, 0xffffffff, 0x7, 0x7d7d85a7, 0x8, 0x80000000, 0x9, 0x2000000000, 0x9, 0x1000000000000, 0x3ff, 0x7ba, 0x3ff, 0x7, 0xffffffffffffff81, 0x8000000000000, 0x81, 0x9bc, 0x0, 0x6594, 0x1, @perf_config_ext={0x0, 0x1ff}, 0x1000, 0x6, 0xff, 0x0, 0x1, 0x6, 0x100000000}, r2, 0x5, r0, 0x2)

08:35:42 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  404.515031] pts pts18: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:42 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  404.600271] audit: type=1326 audit(1534494942.854:228): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14981 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  404.753510] pts pts19: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:43 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:35:43 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x2, 0x0)

08:35:43 executing program 1:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x46f5, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5424, &(0x7f00000000c0))

08:35:43 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x2000ff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x2000ff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x541d, &(0x7f00000000c0))

08:35:43 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5451, 0x0)

08:35:43 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0189436, 0x0)

[  405.376393] audit: type=1326 audit(1534494943.631:229): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=14981 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:43 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
pipe2(&(0x7f0000000000), 0x80800)
socket$nl_route(0x10, 0x3, 0x0)

08:35:43 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:43 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x540c, &(0x7f00000000c0))

08:35:43 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5452, 0x0)

[  405.662278] audit: type=1326 audit(1534494943.916:230): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15043 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:44 executing program 1:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5428, &(0x7f00000000c0))

08:35:44 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4090ae82, 0x0)

08:35:44 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0xc0189436, &(0x7f00000000c0))

08:35:44 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xfffffdef, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x5be, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 1:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8138ae83, 0x0)

08:35:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0xc020660b, &(0x7f00000000c0))

08:35:44 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4138ae84, 0x0)

[  406.453942] audit: type=1326 audit(1534494944.698:231): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15043 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:44 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:35:44 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 1:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x540d, &(0x7f00000000c0))

[  406.680283] audit: type=1326 audit(1534494944.935:232): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15108 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:45 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5421, &(0x7f00000000c0))

08:35:45 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x483, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:45 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:45 executing program 1 (fault-call:11 fault-nth:0):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:45 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0)

[  407.052128] FAULT_INJECTION: forcing a failure.
[  407.052128] name failslab, interval 1, probability 0, space 0, times 0
[  407.063706] CPU: 1 PID: 15141 Comm: syz-executor1 Not tainted 4.18.0-next-20180817+ #42
[  407.071862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  407.081243] Call Trace:
[  407.083874]  dump_stack+0x1c9/0x2b4
[  407.087549]  ? dump_stack_print_info.cold.2+0x52/0x52
[  407.092770]  ? should_fail+0x235/0xd86
[  407.096706]  should_fail.cold.4+0xa/0x11
[  407.100799]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  407.105932]  ? hrtimer_force_reprogram+0x1fd/0x2d0
[  407.110904]  ? kvm_sched_clock_read+0x18/0x30
[  407.115432]  ? sched_clock+0x31/0x40
[  407.119190]  ? sched_clock_cpu+0x1b/0x170
[  407.123371]  ? hrtimer_try_to_cancel+0xb8/0x620
[  407.128065]  ? graph_lock+0x170/0x170
[  407.131892]  ? find_held_lock+0x36/0x1c0
[  407.135978]  ? __lock_is_held+0xb5/0x140
[  407.140045]  ? check_same_owner+0x340/0x340
[  407.144362]  ? mark_held_locks+0xc9/0x160
[  407.148509]  ? rcu_note_context_switch+0x680/0x680
[  407.153445]  __should_failslab+0x124/0x180
[  407.157675]  should_failslab+0x9/0x14
[  407.161470]  kmem_cache_alloc_node+0x256/0x720
[  407.166049]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  407.171514]  __alloc_skb+0x119/0x770
[  407.175243]  ? skb_scrub_packet+0x490/0x490
[  407.179566]  ? lockdep_hardirqs_on+0x421/0x5c0
[  407.184144]  ? retint_kernel+0x10/0x10
[  407.188048]  ? trace_hardirqs_on_caller+0xc0/0x2b0
[  407.192979]  ? tcp_select_initial_window+0x3b0/0x3b0
[  407.198080]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  407.202863]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  407.208376]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  407.213161]  sk_stream_alloc_skb+0x141/0x970
[  407.217604]  ? retint_kernel+0x10/0x10
[  407.221514]  ? tcp_init_transfer+0x470/0x470
[  407.225934]  ? tcp_send_mss+0xee/0x2c0
[  407.229855]  ? tcp_send_mss+0x118/0x2c0
[  407.233844]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  407.238879]  tcp_sendmsg_locked+0xee8/0x3f20
[  407.243306]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  407.248170]  ? tcp_sendpage+0x60/0x60
[  407.251997]  ? lockdep_hardirqs_on+0x19e/0x5c0
[  407.256585]  ? retint_kernel+0x10/0x10
[  407.260515]  ? trace_hardirqs_on_caller+0xc0/0x2b0
[  407.265468]  ? find_held_lock+0x36/0x1c0
[  407.269572]  ? mark_held_locks+0xc9/0x160
[  407.273735]  ? __local_bh_enable_ip+0x161/0x230
[  407.278425]  ? __local_bh_enable_ip+0x161/0x230
[  407.283123]  ? trace_hardirqs_on+0xbd/0x2c0
[  407.287495]  ? lock_release+0x9f0/0x9f0
[  407.291496]  ? lock_sock_nested+0xe7/0x120
[  407.295740]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  407.300854]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  407.305449]  ? kasan_check_write+0x14/0x20
[  407.309696]  ? lock_sock_nested+0x9f/0x120
[  407.313940]  ? __local_bh_enable_ip+0x161/0x230
[  407.318628]  tcp_sendmsg+0x2f/0x50
[  407.322208]  inet_sendmsg+0x1a1/0x690
[  407.326039]  ? ipip_gro_receive+0x100/0x100
[  407.330389]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  407.335940]  ? security_socket_sendmsg+0x94/0xc0
[  407.340711]  ? ipip_gro_receive+0x100/0x100
[  407.345080]  sock_sendmsg+0xd5/0x120
[  407.348808]  __sys_sendto+0x3d7/0x670
[  407.352623]  ? __ia32_sys_getpeername+0xb0/0xb0
[  407.357305]  ? trace_hardirqs_on_caller+0xc0/0x2b0
[  407.362254]  ? schedule+0xfb/0x450
[  407.365826]  ? trace_hardirqs_off+0xb8/0x2b0
[  407.370242]  ? do_syscall_64+0x6be/0x820
[  407.374317]  ? do_syscall_64+0x9a/0x820
[  407.378304]  ? do_syscall_64+0x9a/0x820
[  407.382292]  ? lockdep_hardirqs_on+0x421/0x5c0
[  407.386913]  ? trace_hardirqs_on+0xbd/0x2c0
[  407.391249]  ? exit_to_usermode_loop+0x1f4/0x380
[  407.396016]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  407.401388]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[  407.406517]  __x64_sys_sendto+0xe1/0x1a0
[  407.410590]  do_syscall_64+0x1b9/0x820
[  407.414489]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  407.419878]  ? syscall_return_slowpath+0x5e0/0x5e0
[  407.424818]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  407.429688]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  407.434715]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  407.439738]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  407.445285]  ? prepare_exit_to_usermode+0x291/0x3b0
[  407.450318]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  407.455194]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  407.460395] RIP: 0033:0x457089
[  407.463596] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  407.483005] RSP: 002b:00007f5af5295c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  407.490737] RAX: ffffffffffffffda RBX: 00007f5af52966d4 RCX: 0000000000457089
08:35:45 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x41a, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:45 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc018ae85, 0x0)

08:35:45 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5451, &(0x7f00000000c0))

08:35:45 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  407.498014] RDX: 000000000000ff6c RSI: 0000000020000000 RDI: 0000000000000003
[  407.505288] RBP: 00000000009300a0 R08: 00000000200000c0 R09: 0000000000000010
[  407.512561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  407.519837] R13: 00000000004d4178 R14: 00000000004c8b48 R15: 0000000000000000
[  407.547898] audit: type=1326 audit(1534494945.799:233): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15108 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:45 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x89d, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:45 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5450, &(0x7f00000000c0))

08:35:46 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x7, 0x4900)
getsockopt$packet_buf(r0, 0x107, 0x6, &(0x7f0000000080)=""/2, &(0x7f00000000c0)=0x2)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000280)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000100)=""/207, 0xcf, 0x23b, 0x937, 0x7fffffff, 0x1ff, 0x5}, 0x120)

08:35:46 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x41d, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)

08:35:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5437, &(0x7f00000000c0))

08:35:46 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0189436, 0x0)

[  407.941169] audit: type=1326 audit(1534494946.196:234): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15180 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x80045432, &(0x7f00000000c0))

08:35:46 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0)

08:35:46 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x2545, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0xc0045878, &(0x7f00000000c0))

08:35:46 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4020940d, 0x0)

08:35:46 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x2e59, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5413, &(0x7f00000000c0))

08:35:46 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x1f95, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  408.739579] audit: type=1326 audit(1534494946.994:235): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15180 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:47 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:35:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5452, &(0x7f00000000c0))

08:35:47 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:47 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4020940d, 0x0)

08:35:47 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x43ad, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:47 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x0)

[  408.888418] audit: type=1326 audit(1534494947.143:236): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15253 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5460, &(0x7f00000000c0))

08:35:47 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xc5b2, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:47 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5460, 0x0)

08:35:47 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x0)

08:35:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5418, &(0x7f00000000c0))

08:35:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5414, &(0x7f00000000c0))

08:35:47 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:47 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x4551, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:48 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)

08:35:48 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc018ae85, 0x0)

[  409.684139] audit: type=1326 audit(1534494947.939:237): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15253 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:48 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000))

08:35:48 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5423, &(0x7f00000000c0))

08:35:48 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:48 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x834, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  409.862347] audit: type=1326 audit(1534494948.117:238): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15312 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:48 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5412, &(0x7f00000000c0))

08:35:48 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4090ae82, 0x0)

08:35:48 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc020660b, 0x0)

08:35:48 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x952d, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:48 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5427, &(0x7f00000000c0))

08:35:48 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x1482, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:48 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:48 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8090ae81, 0x0)

08:35:48 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5416, &(0x7f00000000c0))

[  410.639234] audit: type=1326 audit(1534494948.893:239): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15312 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:49 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)

08:35:49 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x4020940d, &(0x7f00000000c0))

08:35:49 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x667c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x1ffe, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xe4d, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
fsync(r0)
socket$nl_route(0x10, 0x3, 0x0)

08:35:49 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x40049409, 0x0)

[  411.036971] audit: type=1326 audit(1534494949.291:240): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15373 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:49 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0xc0045878, &(0x7f00000000c0))

08:35:49 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc020660b, 0x0)

08:35:49 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x540b, &(0x7f00000000c0))

08:35:49 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)

08:35:49 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x1554, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x25ae, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:49 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x541f, &(0x7f00000000c0))

08:35:50 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)

08:35:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5409, &(0x7f00000000c0))

08:35:50 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x6400, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  411.832373] audit: type=1326 audit(1534494950.087:241): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15373 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:50 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x627, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:50 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5421, 0x0)

08:35:50 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x200)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0xc)

08:35:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5425, &(0x7f00000000c0))

[  412.055608] audit: type=1326 audit(1534494950.310:242): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15442 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:50 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0)

08:35:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x545d, &(0x7f00000000c0))

08:35:50 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x834, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:50 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x65b8, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:50 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:50 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

08:35:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x80045440, &(0x7f00000000c0))

08:35:50 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4138ae84, 0x0)

08:35:50 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xde4, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x40049409, &(0x7f00000000c0))

08:35:51 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5452, 0x0)

08:35:51 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x64000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x2, &(0x7f00000000c0))

08:35:51 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

[  412.837708] audit: type=1326 audit(1534494951.092:243): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15442 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:51 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040)={0x7c, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xffffffff00000001, 0x2000)
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f00000001c0)={0x2, 0x222, &(0x7f0000000080)="6a272d15bde0d0f684977280655fe92a833690c18fd54e05ff5e3b1e462999be704a80cb6066", &(0x7f00000000c0)="46102ab6e63491e204caebf595bc794583d7412e9de8baeb9b2be0254feffab90f685338037c0cb5427371a758c0393a9178fc40d24111795a0af80e16cfee8a30bfb249c90924370452def04ac9f9259a5bdf02419229dff2dd0d6cad303acc0f51c93480958db776742560045934dfb07b4248feb07228a706301ac58fb8a741cd138b770a240e5611c29d6b6bec26c130dabcafb2ea45f9eed2c837f3b47591cbc5120c5b8048fe81ce33f9eb457b9152f64351414b4e0b6c12dadb623ef2ce1e7f63a3", 0x26, 0xc5})

08:35:51 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x60cc, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5460, 0x0)

[  412.981101] audit: type=1326 audit(1534494951.236:244): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15514 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:51 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5415, &(0x7f00000000c0))

08:35:51 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x41a, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5421, 0x0)

08:35:51 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x1000000000000})

08:35:51 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

[  413.365761] pts pts20: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:51 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x400000000000000})

08:35:51 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x1482, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x2000ff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:51 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0)

[  413.548100] pts pts21: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  413.564248] pts pts22: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  413.766216] audit: type=1326 audit(1534494952.021:245): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15514 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:52 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x640000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:52 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5450, 0x0)

08:35:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x5000000})

08:35:52 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000280)=ANY=[@ANYRES32=<r1=>0x0, @ANYBLOB="070000002eb6376edae351e0f6afe0fa2ba0b903d724cfe4941af9ceed17e0e550e422f5364cdc42c088659de678507762660b5751809d9c0691b117a551185a788c5a51b2aa33e1cf5d3d104f0e7e4cb89141f8b5c808685a21ee754690f985e76b1ccb490fb6284b32743e99688e7c30a0d00224f78193576cf43ed94493c55934951767ae6d958a3a"], &(0x7f00000000c0)=0x1e)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r1, 0x1}, &(0x7f0000000140)=0x8)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)

08:35:52 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

08:35:52 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:52 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xf049020000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  413.887641] pts pts23: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  413.928373] pts pts24: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  413.935791] audit: type=1326 audit(1534494952.183:246): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15581 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x4000000})

08:35:52 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:52 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x40000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  414.043973] audit: type=1326 audit(1534494952.231:247): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15581 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:52 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x80)
preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000280)=""/165, 0xa5}, {&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000340)=""/26, 0x1a}, {&(0x7f0000000380)}], 0x4, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000080)={0x1, 0x8001, 0x557, 'queue1\x00', 0x1})
fadvise64(r0, 0x0, 0x5, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000140)={0x2000})
socket$nl_route(0x10, 0x3, 0x0)

08:35:52 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x40049409, 0x0)

08:35:52 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5450, 0x0)

[  414.192086] pts pts25: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:52 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  414.224621] audit: type=1326 audit(1534494952.429:248): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15606 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  414.243146] pts pts26: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:52 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x4ec, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x500})

[  414.605600] pts pts27: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  414.614674] pts pts28: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:53 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x53000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:53 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8090ae81, 0x0)

08:35:53 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc0000)

08:35:53 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xde4, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x4})

08:35:53 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x5})

[  414.885805] pts pts29: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  414.963354] audit: type=1326 audit(1534494953.218:249): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15606 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:53 executing program 7:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000280)={<r1=>0x0, @empty, @local}, &(0x7f00000002c0)=0xc)
connect$packet(r0, &(0x7f0000000300)={0x11, 0x1a, r1, 0x1, 0x3, 0x6, @local}, 0x14)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = dup2(r2, r2)
flistxattr(r2, &(0x7f0000000140)=""/128, 0x80)
setsockopt$inet_udp_encap(r3, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4)
r4 = request_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000100)='!\x00', 0xfffffffffffffff8)
keyctl$invalidate(0x15, r4)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:35:53 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa000000)

[  415.044512] pts pts30: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  415.075528] pts pts31: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  415.130173] audit: type=1326 audit(1534494953.385:250): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15670 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:53 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x640000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:53 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x8138ae83, 0x0)

08:35:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x500000000000000})

08:35:53 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x30, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:53 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xceffffffffffffff)

[  415.305798] pts pts32: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  415.333965] pts pts33: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x4000000})

08:35:53 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x28000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  415.546331] pts pts34: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  415.571577] pts pts35: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:54 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:54 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x2, 0x0)

08:35:54 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x500})

08:35:54 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000)

08:35:54 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:54 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x900, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:54 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd2000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  415.917804] pts pts36: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  415.932921] audit: type=1326 audit(1534494954.187:251): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15670 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  415.963910] pts pts37: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:54 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
acct(0x0)
socket$nl_route(0x10, 0x3, 0x0)

08:35:54 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:54 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x5})

08:35:54 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000)

08:35:54 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5451, 0x0)

[  416.120128] audit: type=1326 audit(1534494954.375:252): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15743 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  416.176744] pts pts38: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  416.206638] pts pts39: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:54 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x4})

08:35:54 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x1482, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:54 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x11, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  416.384950] pts pts40: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  416.397007] pts pts41: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:54 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1300000000000000)

08:35:55 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x34, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:55 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc)

08:35:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x1000000000000})

08:35:55 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffffffce)

08:35:55 executing program 6:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5451, 0x0)

08:35:55 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xa000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  416.858210] pts pts42: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  416.883647] pts pts43: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:55 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x1ac, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:35:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x400000000000000})

08:35:55 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd2000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:55 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x231860)

08:35:55 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x18000000)

[  417.107219] pts pts44: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  417.158708] pts pts45: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x500000000000000})

08:35:55 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000)

08:35:55 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xb00)

[  417.422711] pts pts46: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  417.453463] pts pts47: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:56 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x9a38000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:56 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x5000000})

08:35:56 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x10000000)

08:35:56 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x500)

08:35:56 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x111182, 0x0)
write$P9_RFSYNC(r0, &(0x7f0000000080)={0x7, 0x33, 0x1}, 0x7)

08:35:56 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x200000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:56 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a4, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:56 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0x60cc, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  418.047661] kauditd_printk_skb: 3 callbacks suppressed
[  418.047675] audit: type=1326 audit(1534494956.302:256): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15852 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  418.062824] pts pts48: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  418.149826] pts pts49: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:56 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x70300000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:56 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x500000000000000})

08:35:56 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x19000000)

08:35:56 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2000)

[  418.395809] pts pts50: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  418.417133] pts pts51: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:56 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x1000000000000})

[  418.626749] pts pts52: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  418.643206] pts pts53: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:56 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000)

08:35:57 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2800, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x400000000000000})

08:35:57 executing program 6:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0x5421, 0x0)

08:35:57 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x5000000)

[  418.837218] audit: type=1326 audit(1534494957.092:257): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15852 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:57 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={<r0=>0x0, @in={{0x2, 0x4e23, @loopback}}}, &(0x7f00000001c0)=0x84)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000280)={r0, 0x681}, &(0x7f00000002c0)=0x8)
accept4$llc(0xffffffffffffffff, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x10, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

[  418.897539] pts pts54: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  418.932899] pts pts55: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x5000000})

[  419.012928] audit: type=1326 audit(1534494957.267:258): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15918 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:57 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xce, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  419.182273] pts pts56: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  419.217160] pts pts57: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:57 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x3d000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:57 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:57 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe00000000000000)

08:35:57 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5300000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:57 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe000000)

08:35:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x4000000})

08:35:57 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x6207000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  419.497748] pts pts58: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  419.530553] pts pts59: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x500})

08:35:57 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2400, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:58 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xb000000)

[  419.780523] pts pts60: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  419.789000] audit: type=1326 audit(1534494958.043:259): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15918 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  419.807901] pts pts61: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:58 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfffffdfd)

08:35:58 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x505100, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, &(0x7f00000002c0), &(0x7f0000000340)=0x60)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x3f, &(0x7f0000000100)=""/162, &(0x7f00000001c0)=0xa2)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000380))
r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x4, 0x8001)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer2\x00', 0x200000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000080)={0x1, 0x80, 0xd664})

08:35:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x5})

[  420.028503] audit: type=1326 audit(1534494958.283:260): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15982 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  420.073680] pts pts62: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  420.102559] pts pts63: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x4})

08:35:58 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf)

08:35:58 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff)

[  420.344103] pts pts64: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  420.364439] pts pts65: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4})

08:35:58 executing program 6:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe000000)

08:35:58 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1800)

08:35:58 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x3b01000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:58 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1e)

[  420.597999] pts pts66: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  420.648177] pts pts67: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:59 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x40020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x500000000000000})

08:35:59 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xce, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  420.825497] audit: type=1326 audit(1534494959.080:261): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15982 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  420.891825] pts pts68: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  420.919315] pts pts69: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:59 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xc, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:59 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000))
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:35:59 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2000)

08:35:59 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x10000000)

08:35:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1000000000000})

[  421.051403] audit: type=1326 audit(1534494959.306:262): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16047 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:35:59 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xbe5, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  421.168126] pts pts70: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  421.183274] pts pts71: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:35:59 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1c00000000000000)

08:35:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x400000000000000})

08:35:59 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:35:59 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x13)

08:35:59 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe0930400, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  421.462981] pts pts72: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  421.494111] pts pts73: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:00 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2500, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5000000})

08:36:00 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000)

08:36:00 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000)

[  421.829083] pts pts74: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  421.845611] audit: type=1326 audit(1534494960.100:263): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16047 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  421.875372] pts pts75: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:00 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1, 0x40)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
ioctl$sock_proto_private(r1, 0x89e5, &(0x7f00000000c0))
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000080)={{0xffffffffffffffff, 0x3, 0x6, 0x3, 0x4d}})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x3, 0xfe)

[  421.998538] audit: type=1326 audit(1534494960.253:264): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16110 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4000000})

08:36:00 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x7512000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:00 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff00000000)

08:36:00 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xa, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:00 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x200000)

[  422.267296] pts pts76: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  422.301299] pts pts77: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x500})

08:36:00 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x1ffe, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:00 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x16)

08:36:00 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x29000000)

[  422.567019] pts pts78: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  422.584635] pts pts79: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:00 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x14000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5})

08:36:01 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x249f0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  422.798450] audit: type=1326 audit(1534494961.053:265): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16110 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  422.848320] pts pts80: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:01 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000)

08:36:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xad}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r1 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x2, 0x40000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000001280)=[@in6={0xa, 0x4e22, 0x7fffffff, @dev={0xfe, 0x80, [], 0xc}, 0x2}, @in6={0xa, 0x4e23, 0x7d, @mcast1, 0xdcb8}, @in={0x2, 0x4e23, @broadcast}], 0x48)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/236, 0xec}, {&(0x7f0000000280)=""/4096, 0x1000}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

[  422.900516] pts pts81: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:01 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x17000000)

08:36:01 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:01 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x8a, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  423.052939] audit: type=1326 audit(1534494961.307:266): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16172 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  423.161297] pts pts82: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:01 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000)

08:36:01 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:01 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:01 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:01 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1b000000)

[  423.383515] pts pts83: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  423.414509] pts pts84: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:01 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x48, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:01 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:01 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2b00, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:01 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffff0000)

[  423.652523] pts pts85: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  423.707542] pts pts86: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:02 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1700)

08:36:02 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x500})

08:36:02 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000000)={0x1e})
socket$nl_route(0x10, 0x3, 0x0)

[  423.822299] audit: type=1326 audit(1534494962.077:267): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16172 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:02 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x19000000)

[  423.968199] pts pts87: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  423.972602] audit: type=1326 audit(1534494962.217:268): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16236 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  423.995041] pts pts88: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:02 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x5})

08:36:02 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1c)

[  424.193148] pts pts89: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  424.234300] pts pts90: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:02 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x48000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:02 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x8, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:02 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x7)

08:36:02 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4})

08:36:02 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1100)

08:36:02 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:02 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x41, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  424.761294] audit: type=1326 audit(1534494963.016:269): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16236 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:03 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = request_key(&(0x7f0000000100)='id_legacy\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)='\x00', 0xfffffffffffffffd)
keyctl$read(0xb, r0, &(0x7f0000000280)=""/165, 0xa5)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socketpair(0xb, 0x7, 0x7, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14)
socket$nl_route(0x10, 0x3, 0x0)

[  424.803624] pts pts91: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  424.828277] pts pts92: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:03 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1100, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:03 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x500000000000000})

[  424.997156] audit: type=1326 audit(1534494963.252:270): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16294 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:03 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffff000000000000)

08:36:03 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1300)

[  425.045876] pts pts93: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  425.078175] pts pts94: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:03 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:03 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1f4, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:03 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2b00, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:03 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  425.264140] pts pts95: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  425.307586] pts pts96: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:03 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

[  425.528468] pts pts97: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  425.544052] pts pts98: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:03 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2222, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:03 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc000000)

08:36:03 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

08:36:03 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1600)

08:36:03 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2df, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  425.764646] pts pts99: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  425.782959] audit: type=1326 audit(1534494964.037:271): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16294 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  425.787303] pts pts100: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:04 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1200000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:04 executing program 7:
socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000300)={<r0=>0xffffffffffffffff})
accept$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, &(0x7f0000000380)=0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:04 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x15)

08:36:04 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:04 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xee0f00)

[  426.021543] audit: type=1326 audit(1534494964.276:272): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16362 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  426.125472] pts pts101: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  426.149904] pts pts102: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:04 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:04 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x40020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:04 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:04 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x8)

08:36:04 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x11000000)

08:36:04 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xc000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  426.453940] pts pts103: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  426.477794] pts pts104: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:05 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x15000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:05 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xbe05, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:05 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000)

08:36:05 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1000000)

[  426.840036] pts pts105: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  426.840832] audit: type=1326 audit(1534494965.095:273): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16362 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:05 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
fchmod(r0, 0x1c7)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7fffffff, 0x200)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000080)={<r2=>0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}}, [0xa18, 0x200, 0x400, 0x6, 0x4, 0x5, 0x8, 0xffffffffffffff00, 0x3, 0x40, 0x326, 0x75c, 0x8000, 0x1, 0x7]}, &(0x7f0000000180)=0x100)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000001c0)={r2, 0xe, "bd266d9e0dde3cebd51e12a1ee6a"}, &(0x7f0000000280)=0x16)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x7)

[  426.894058] pts pts106: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:05 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe0930400, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

[  427.071215] audit: type=1326 audit(1534494965.297:274): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16427 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:05 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x900000000000000)

08:36:05 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000)

[  427.229132] pts pts107: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  427.252970] pts pts108: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

[  427.467176] pts pts109: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  427.482018] pts pts110: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:05 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x76020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:05 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:05 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x8000000)

08:36:05 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1a00000000000000)

[  427.751155] pts pts111: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  427.779926] pts pts112: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  427.811862] audit: type=1326 audit(1534494966.065:275): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16427 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:06 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1800)

08:36:06 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2526, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4e, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:06 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000)

08:36:06 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

[  428.080670] audit: type=1326 audit(1534494966.335:276): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16493 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  428.136255] pts pts113: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  428.158765] pts pts114: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:06 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xf4010000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5d00, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1d)

08:36:06 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:06 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x9000000)

[  428.432127] pts pts115: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  428.481651] pts pts116: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:06 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

08:36:06 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe00, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:06 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1040000000000000)

[  428.702470] pts pts117: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  428.737564] pts pts118: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:07 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1b00)

08:36:07 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xffffffffffffffff, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

[  428.883294] audit: type=1326 audit(1534494967.138:277): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16493 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:07 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe803000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:07 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x14, 0x3, 0x9, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
sendto$unix(r1, &(0x7f0000000380)="0696c4a0b9c093cc9723f287c408dffca995b17283f5fc86fa30b68ec9cd879991b718f330cc7dec8dd3eb6ea3a708b936c62429a438d99719b7506f1536d632a7a7162e939a7adc83e2590fd02b76968acdf400ac54cc831b100e058702f772ce1d659775bd10c67b7411", 0x1cd, 0x20000000, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000000100)={@mcast2}, &(0x7f0000000140)=0x14)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x0, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000)={0x0, 0x7530}, 0x10)

08:36:07 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf00)

08:36:07 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x9)

[  429.061717] pts pts119: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  429.066302] audit: type=1326 audit(1534494967.298:278): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16559 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:07 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:07 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe00000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

[  429.313392] pts pts120: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  429.336335] pts pts121: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:07 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa)

08:36:07 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xb)

[  429.616762] pts pts122: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  429.647646] pts pts123: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:07 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:08 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2300000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:08 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

[  429.827121] audit: type=1326 audit(1534494968.081:279): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16559 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:08 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe0fe)

08:36:08 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000100)="7dac8b9176800bb76c10678171b81967ad6c98cfe044e1a483d1ae7edfd31c9b79d56316de6e0ec7c9a92cbc0c1f54d5d7d67d7859ce0993f1d920b836331f940946ee8dc3cd4f5929ce3245231241e1cb5e2e41ddf0b4c460d5e4318437df2c4907d9f38a93e8ed198ec2a25762f1a85c8d2fa8cc0c046e652b7aae7ffe0ac33cb487f5bb6a0eb0cce738524fd82531818b0a222d40ba364c7d316d7764accd2027e580a8a579f28344647d9c7c225f64e8d0377d423b29330aedf0d0ecc85af5d05820951fd67a557d692a591082cd0ebb815940511a0e605273cbdbe5ebba3723e6cc2252ac0d653d6386e6a9c295d82f302ebd44883dd75de2521e9df633")
r1 = memfd_create(&(0x7f0000000000)='\x00', 0x2)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8)

08:36:08 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1a00000000000000)

[  429.948739] pts pts124: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  429.985951] pts pts125: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  430.039100] audit: type=1326 audit(1534494968.294:280): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16618 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:08 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x440, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:08 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:08 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x600)

08:36:08 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x6900, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:08 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xceffffff)

[  430.576165] pts pts126: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  430.608366] pts pts127: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:08 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:08 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

[  430.818700] audit: type=1326 audit(1534494969.073:281): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16618 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:09 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

08:36:09 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5d, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  430.859321] pts pts128: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:09 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xa00000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:09 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc)

08:36:09 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000)

[  430.944008] pts pts129: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:09 executing program 7:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x800, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f00000002c0)=""/40)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x4000, 0x0)
ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000000080)=""/67)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1d, 0x3, 0x7fff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r4=>0x0})
wait4(r4, 0x0, 0x80000000, &(0x7f0000000140))
setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r3, 0x111, 0x4, 0x0, 0x10000029e)

08:36:09 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

08:36:09 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x3b01000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  431.182941] Unknown ioctl 1082175137
[  431.235743] audit: type=1326 audit(1534494969.490:282): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16680 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  431.260518] pts pts130: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:09 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000)

[  431.302697] pts pts131: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  431.325016] audit: type=1326 audit(1534494969.579:283): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16680 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:09 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

08:36:09 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x5, 0x101000)
r1 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f00000000c0)={r1})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)=0xed, 0x4)

08:36:09 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xee0f0000000000)

[  431.518067] pts pts132: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  431.583682] pts pts133: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  431.613755] audit: type=1326 audit(1534494969.868:284): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16706 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:10 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x8a000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x40000000)

08:36:10 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:10 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4f00, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  431.854541] pts pts134: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  431.920802] pts pts135: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:10 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe8030000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:10 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x700, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x700)

08:36:10 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000)

[  432.328400] pts pts136: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  432.349120] audit: type=1326 audit(1534494970.603:285): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16706 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:10 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:10 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

[  432.593353] pts pts137: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:10 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1900)

[  432.636663] pts pts138: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:10 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:10 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff00000000)

08:36:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

[  432.870929] pts pts139: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:11 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4e000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  432.938632] pts pts140: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:11 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1400)

08:36:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:11 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000)

[  433.164235] pts pts141: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  433.201141] pts pts142: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:11 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x3070, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:11 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  433.368060] kauditd_printk_skb: 1 callbacks suppressed
[  433.368071] audit: type=1326 audit(1534494971.623:287): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16765 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:11 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2400, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:11 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x8000000)

08:36:11 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2800, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:11 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1e00000000000000)

08:36:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:11 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:11 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:11 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5d00000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  433.527655] audit: type=1326 audit(1534494971.782:288): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16828 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  433.562039] pts pts143: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  433.584258] pts pts144: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:11 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:12 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x6000000)

08:36:12 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000)

[  433.756570] pts pts145: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  433.782681] pts pts146: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:12 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

[  433.950161] pts pts147: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  433.971732] pts pts148: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:12 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x29000000)

08:36:12 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  434.325672] audit: type=1326 audit(1534494972.580:289): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16828 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:12 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x600, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1300000000000000)

08:36:12 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

08:36:12 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffce)

08:36:12 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x42000, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000080)=0x9)
socket$nl_route(0x10, 0x3, 0x0)

08:36:12 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1e000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2b000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  434.515956] audit: type=1326 audit(1534494972.770:290): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16900 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  434.547863] pts pts149: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:12 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x9d000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  434.577049] pts pts150: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:12 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a040000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:12 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x7000000)

08:36:13 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

08:36:13 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x700)

08:36:13 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:13 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x20000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  434.860524] pts pts151: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:13 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1946, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:13 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

08:36:13 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:13 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x5)

08:36:13 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa000000)

08:36:13 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x11, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:13 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

[  435.303036] audit: type=1326 audit(1534494973.557:291): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16900 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:13 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x37, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  435.423496] audit: type=1326 audit(1534494973.678:292): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16967 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  435.455486] pts pts152: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:13 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  435.480516] pts pts153: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:13 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:13 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x6000000)

08:36:13 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe758d0547f0000)

[  435.632754] pts pts154: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  435.654563] pts pts155: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:13 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:14 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000)

08:36:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

[  435.821951] pts pts156: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  435.845064] pts pts157: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  435.947316] pts pts158: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:14 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x34000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000)

08:36:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:14 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe00)

[  436.107361] pts pts159: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  436.126970] pts pts160: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  436.227781] audit: type=1326 audit(1534494974.482:293): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16967 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:14 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x9, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:14 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x40020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xd00)

08:36:14 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000)

08:36:14 executing program 7:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x40000, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r1, @ANYBLOB="00012cbd7000fedbdf2506000000080005000100000014000200080005000200000008000700080000001c000200080004000000000008000300030000000800050001000000080006ec050000000800060000080000080006000100000038000100080002003b000000080004004e230000140003007f000000000800080001000000080001000a0000000000000000000000000000"], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004010)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x8100, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='bpf\x00', 0x8002, &(0x7f0000000400)={[{@mode={'mode', 0x3d, 0x1d}}, {@mode={'mode', 0x3d, 0x2}}, {@mode={'mode', 0x3d, 0xe91}}, {@mode={'mode', 0x3d, 0x2}}]})
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r2, 0xc0385720, &(0x7f00000000c0)={0x0, {r3, r4+10000000}, 0x9, 0x8})
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
rt_sigreturn()

08:36:14 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x82080000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  436.408628] audit: type=1326 audit(1534494974.663:294): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17055 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:14 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  436.449423] pts pts161: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  436.476763] pts pts162: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:14 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xc, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:14 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x400002, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000300)=0x81, 0x8)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:14 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4000000)

[  436.653200] pts pts163: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  436.679002] audit: type=1326 audit(1534494974.934:295): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17085 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:14 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x900)

08:36:14 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  436.701213] pts pts164: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:15 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x20050000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x276, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:15 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x100000)

08:36:15 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xcd000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000)

08:36:15 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  437.308303] pts pts165: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  437.332021] pts pts166: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:15 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xec04, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

08:36:15 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  437.478739] audit: type=1326 audit(1534494975.733:296): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17085 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:15 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000)

[  437.538093] pts pts167: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  437.573387] pts pts168: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:15 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xfffffffffffffffe, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="bef33d7182da3a533c5482d96f295a806f6985d66a19cfa0ee4046a0597f7e4054e5cb967e986c1f0a38d57f3db60f9b286c060a7b8443448c4481661e56c0bf1595428a6e320cd36f76916f8ef0fd4c3533f807b46f2660b192a165f3237285b5f17ed8ef3396dcfd59", 0x6a, 0x10001}], 0x40010, &(0x7f0000000180)={[{@barrier='barrier'}, {@nodecompose='nodecompose'}, {@part={'part', 0x3d, 0xff}}, {@creator={'creator', 0x3d, "47fda16f"}}]})

08:36:15 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1b)

08:36:15 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

[  437.824916] pts pts169: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  437.844261] pts pts170: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

[  438.042542] pts pts171: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  438.066040] pts pts172: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:16 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a4, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:16 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:16 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x241, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:16 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x29)

08:36:16 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000)

08:36:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:16 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd020000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  438.237891] pts pts173: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  438.261137] pts pts174: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:16 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x34, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:16 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:16 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a04000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  438.484278] pts pts175: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  438.516957] kauditd_printk_skb: 1 callbacks suppressed
[  438.516969] audit: type=1326 audit(1534494976.771:298): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17156 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  438.547660] pts pts176: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:16 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockname(r0, &(0x7f0000000080)=@alg, &(0x7f0000000000)=0x80)

08:36:16 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000)

08:36:16 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2900000000000000)

08:36:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:16 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  438.725520] pts pts177: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  438.754114] audit: type=1326 audit(1534494976.998:299): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17243 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:17 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x12, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:17 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:17 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:17 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000)

08:36:17 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1d)

08:36:17 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xe000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:17 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2200000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  439.370347] pts pts178: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  439.399002] pts pts179: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:17 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xf401, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:17 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:17 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

[  439.515529] audit: type=1326 audit(1534494977.770:300): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17243 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:17 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1d00000000000000)

08:36:17 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xb140}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:17 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x15)

[  439.640393] pts pts180: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:18 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  439.716525] pts pts181: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  439.741088] audit: type=1326 audit(1534494977.996:301): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17299 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:18 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

08:36:18 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x47774bca7f0000)

08:36:18 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x483, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:18 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

08:36:18 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:18 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x800000000000000)

08:36:18 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1040)

08:36:18 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x14000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:18 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x240, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  440.362791] pts pts182: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  440.404457] pts pts183: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:18 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:18 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:18 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x483, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  440.539647] audit: type=1326 audit(1534494978.794:302): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17299 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:18 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1a)

08:36:18 executing program 7:
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x101002)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
restart_syscall()
prctl$seccomp(0x16, 0xfffffffffffffffe, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:18 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4010)

08:36:18 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  440.647653] pts pts184: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  440.657542] pts pts185: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000})

08:36:19 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  440.848840] pts pts186: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:19 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x24000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:19 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x88001, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x5, 0x9, 0xee, 0x9, 0x1}, 0x14)

08:36:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000})

08:36:19 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:19 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000)

08:36:19 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2005, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:19 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xceffffff)

08:36:19 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x69, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:19 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  441.532535] pts pts187: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  441.548904] audit: type=1326 audit(1534494979.803:303): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17404 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  441.568393] pts pts188: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000})

08:36:19 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:20 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  441.751168] pts pts189: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  441.761472] pts pts190: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:20 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4000)

08:36:20 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2900000000000000)

08:36:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500})

08:36:20 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:20 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x8304000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  442.005906] pts pts191: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  442.318924] audit: type=1326 audit(1534494980.573:304): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17404 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:20 executing program 7:
r0 = request_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000100)='\x00', 0xfffffffffffffffd)
r1 = request_key(&(0x7f0000000140)='id_legacy\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000001c0)='md5sumcpusetposix_acl_accessbdevlo-]+GPL\x00', r0)
pipe2(&(0x7f0000000180)={<r2=>0xffffffffffffffff}, 0x84000)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000440)="13dd6cf02c6e3e1fbee6998c480a586a2fa613e5ec6dd764ae1be0c1bf143cae13185f3b312be164a6bd0fd8528b74ecca4eee30beb2278a096d2e077962496891e02bce4ad16cc0450d47e86c1613730e54a3d321f105125fa8b4c1d6e3069535ceb7d5bb70d7c02d308a26655143d8299ce5544b8c0b64044090ad536470aa18864a609fc18a4ad1915641f39d747622b1579b98df4499e78c114b8ec0147c64ff8e7a3e44d67d373b9c5064878fe42138aebafd41404f5daeca7d1db4c928421add552c61c94460f94f6700db93f56c0bc7127c0d3af02eae71b65465700238756f3edbce0a21291a9c8421efaeacd961b6bc8e3cbd0951115d6c703afe0d8a51fb5954ae6fec437d05463632aab03e4153916c231968a6d62aed650d77f3503d08013b4b93c05380f54ca8ba9fb3ddfca9fcf2a81c61fdae77b7ba0c3fbec6df6267c4c3f72a6c0e768caefa42774bbcd19a45a2dff28b2d04add0acab6dcd12444508485fa829c6987d9492aaa01afd98f5bd966501d1b7927f5be671250054131eeb93e144de3b4d33316d7c56ad5bc6bd42790b9d647d15ce691155b113514479068b9169eb262f34454e7e485a1bd8cfbd9db34e596bd68ecd694c594c5b32bebacbecb6991bc1c2d6c77d7bbfb31cc64f37c22a5fce510e0f0229339a0536ca9ddc84c3cebfc313f07391d7a35521dc1b143fcad7354fdd8655e6897301965701191f9d68ba05afa159ccd6177bb5862fb1ace4ec790c02c97704d8abf956f1f7efe713e9b5aec9eae99bc6aaa35d3f3bda015618309d9c19977baf9dbc8374a940cab0e7c7ae5df85ccb2e91e1174e06e2472d31d1739b4f955f5654b7adfe0884c29ed924ba4cb72816db13e0f730b3dfad0dc409885891d040bdb87a39c9209ffa0cbee08fe40ad0d23b74ee84d1d1121eeab20c42c7967ad50d36d92a108faf3a51aaab6582e47c856306b625666a0c9ef111a0e806174ce4b41712f09340945de17ee4923bdf104175f631af7d4bc630f0f629c81426477196020a13bb87d98293bcb51045ac84784be5f2a0cea9e2756c4fe00b52d305f0f6d632cf6020f19277067485b365163907c121bc939942697d4b323722636b820ff1f5d0e1e7f8f50cde3ce00cde5d6c70e4730bd3ff31df16c15a6b022e5aebd43c19e1380e45fc2a70b4b4be8cc8445510547811b1674a1bc245331f98f76955808c3b6bfc75cf8baa3718a9cef9469d98a748192222ec687403121f5a2f1b67191ce2327c479f008db955311230841eba61762b723c01f8bb36974af14a8e991ad6554995c83d8af92999f1c2d8f121ca08736fb26fa2c57eaf59362e90e952754afc2daec9b5c8b8aa1d7d98c2edfeb1b007ae29a6952e991163ee22513642ca094f9a112c0a0e2c445df982a39e1ff1c8c756359277e610d283795701368b9c296ba75a3b4b61937f1450a0524e4a11af018cfdd43fece3dc03531cb16f8562f4e0765f85f802980cf50eeae0e641c20ebb2019a92354db304bf00f079007761a3da8b084f5aed5856d5b76c0328f295df5fc4d4e10d460c0923b137251b856a7ab7a2bd104b3d5c7f5d57865ce81d135136a1ca95abc04b73ae120d2d2f297ef993f080935d51d23cdfc09f6f6c60b765b1e0d7e9db8302a566fc88edf22db3dd6206c3cede9bf699490a7bd791f7a32245b2bddf56e5c6cc4e887212f45d877077cf3740d7bea39fc115e456bfc336d7bb00c5cd77ad14002ae4ed980a579ea79284e24b2540f28f66ebef48caa314fdb20ad2f17bd1b6f0cf37458b1d4f81cd856066fe32192765468f6dc653c42c18fd5b3f92c5c027b862b9d8506655c024241205bb5bdd07618e2635e2766b712722b3c8f76ef2c61211c555c77e94bd6ca42f99b3de009ec76f774875375f916e9e78a26f0458fe0d7406166b608c2f8be16eedfc51649e574f7514d7a13d9133a45bc944e50e50dea5840fa74bf76a217fb6312b639f8e5c4183f8d43b665a2c29971e820f72f8925fc57f5ca32dfedaf69630aa80e6de5e9e3380de3ef76534f8888b657af2ff3882c881113f9acb59d21d1fb68a0a5741593e2cdbfc7ed2191299fe0dd827ffc5956407aad8419169ff8f8ac5c6434277215dfd2f83a07f016eb64501c6e8ba673e7b84d8da780879871e9eab910e7b560cecc65797cdd6c8b8bc5a83562d1ebac83f8df2fda873fef3e9f68c1e5071ff91eed8a84b81664b06be8b68a4ecf34643a3399a1f17006ad8357479da233895ba4bff37b68b2122d00d570824eb38d65cdf9ab13ef9f65be4422d58884c4a3317893afb0c7b8c385bbea2dcba9f34c3991a9c1d3dd08ba8999cab496e65ddb1cd439273b36ce31c230a58766926944d5d31fcf94b9d1a34b731d6697f57d9de59cbc8a85f38fd4eafcb773de09ce0020fd568ac53a9622cd7a598d692d7724c801915692e42fbf20bacb2bb76c58df563665b5c056b787609a33d4b5fba54df9624c3741b8fb7434ad7696658d8f8b973ba3bef5d378de1082285239dcd81f371aa5316c08d9a5e3c44ede59157dac9ee7f0fcab52f3e4e87fffd3241f9ccdfc0bc864dc634702f0fc9a76e393260ace47f86d30fda38f8cff909b0b9977c5a2232fc044d2404c275ab36e05b9113f7dcffc71c873858b69336fb99214c507f55baa5ee755b12e3a713e4f328a004bcfcffe99150dc9fa05a517a0eb9c1f0b2f9cefd1278aef7ae5c62940a3c2477ef77230b011870d9874bbcbe268707ee03b4a5b72458ed0bb8ad6990eac26d654de4602729347ec4eead8db7d8a28ef42f7724ad09e9f4ed1678a0fa8dd4f3b617d09fb0516088646bb84cc8264b0521cf895c3a96b25f97920d28253cce584cb495157176920a5aade98b71fa4d273796ecf4887ae6b27c8669839800169cf604cbf2bb82b19bd77c7b4bfb67ffe8a933f80b5b0c49873850e875fdd55a41cf5243d8675e9f579e7fae8a8f7db17ba981fae1af1a838edb97bf04fad099640eaad5b70bd68c559d9bd10446c7fec6e720e4a3576eda6df10162edba51c6300718aed3bd9396e95a16cdada003439aaf969bd5a82522b717a66ed5ca1efbad08446633690c397919dfe3d0ec7e3d74ca323b766ab19c3993a99492c4e311bfde4ad34f56f62e4f38effadab219270c908cd71f6b33a4b0a7109d505a7267d7428d3a1331eaea659d86b313ea58e3a2a5736b631373ce53a4977600b3314cef427f0176557623dc944ec3d3819494982696705dbdc0af9f58fa6950c962873d29476c55a0dc2458df443c025a3ae798d9861dd15be9d5bd8dd3192e07623d7dee0c9a43575077b1fd41f425c15d8fbf116577074c72ee469ae95707e0d856ba251d3c36c0fc42016fe3ca4428989e1b67705528cddc5426a3d9d0bef9d82fc980c59ff46e0c8e18bc890160200c5b831fd7d5351173d8171859d0751bd935a437941622b8b7ff6bbfd79f688673a678073a775247b6304e4b8f7b1ac1380f517ca721f282f1f9e4e036d0802bf63f622f2405793dcc414122e003dfcdeab92bc99d7cb0b0bc0044510172176f0434589a3c4c3725ba89d213f9e9472e268d6b822c9676742be4a7dae05434273a493ae30714b8aaae633f8531a864be440209d60b06a786e23f647df68821396be17b6ca06c096f8ad1017f47e526803f3e9db0ba25de32cc623a29461fe14452675f3d7768c4da19b00f440a6a19528fa5dc73b67af87dee7d38e48464c9023e0f8e410211b4b1b7bebe97d97752444f259420236310ab7f683b931f25dc26e9c0c8fd78d0faf0a793c669a50eff358a5e1ad553b03c93a0db6686b6d45fe2cd44df263275c53d3c36db037eec8a392fe7a522dce18338c40bddda1c93c1e2bffef672514a79615d5ffaf653149ae1e236367ade07c31cc4b5ab57f08db3d3117568b2556324d5d36327eabfd73c266ab13cacf06fb5436f33a3b207cac5c56bab579dcd930138106588417f83191748fa1785c6567baed8ed9c2f801c6a7de550a286bd2a61db2ba2e6851b56d2a3914323f8a6c3adf449f07e88226bdf8f73d1d4111c2d4942011016d19f46d3129131b9de3eedbe4b0df6445e17ddfbbdf717dc62e41438c92d7dc6335de52e2b896b38c5ad67b290e6009e02c3ebd18d2bd80f1a3e04cefa813cf60ebc4d2d3e6467bed597cc385b685991085dcad04cc5397f705c6afcbf71f7764fedcec538397779fc627936c18f4da6becdb31512d73b4f2577f5af6f8ceabfa7badb8daa12897fcc1245a885ff761c83f7b344a73d65461e50132946e4dbcdf52865999d18b5bcfcd8881bdcd54f230f7a286dbfdcd2b8772452a76b73ad7f232d229bfdc4bd17fecfb015f331f545bf220faf0f46ab294b9b4f8447f01a107c235fea5537011a30036ddb1ddb7ff3e7f722c5e6d7f9ed6044ddf9588e2c046871799a060cef6400b792917536a8fb0725c37e1d5bdc24b0f2f7985cae4d7b86067c9c4fbff0fde7798b9b2b0891fbccbb8f1e9a1d04d7d931b6c74d71e78fe5f7fa6c00bbb988b9401c478b6ccb563c2e9d917fa5c395263e6ca6520b67ad9b62671d5ff291ad25fb44e8eb2cbaebfab4a6c0f347b7b87c1e172afe704dd570262ff764386b5b728888a12ec7b88ddecd86f2777aeb86f89d1d465019b5dfb182f6f8cef5584aa9ce8ca6ca125b6284d9885866e1e7ebff629dc55803b04291fc04518da781f59558a78b7b7741878bc6ff055beccb3f7949492173432cfb98d3cce191358d2607435e5c48fd9b721109e732fbda9fc37fa33843be81035ab3cf335920981496ddd00a11588c21de1c33473f05b1648d2193b8caa1dabefa6a8a3eeab7077361fb076ea6714a4a6cfb9270fa71906287ab01db66c6cdef1707239e32bfdd310d7e9cdfab013de07fa241d779efd29fdaa4d6896e48ab739ce57301b032b15f91d413fca7b4484fc5b5796e251477cf04913a341e0658f2ee49dfd2d25a6e708d65e3c0b8010f0e50a95bf7bd234c478599774773225bcdc73a1beab556df39b11eb4d568aea9babe2d7c6333bdf864d89704cb3c18c188ab40439ec081ee5be44e68a95f4495aa6f1055012738b8e6a77d8b0817186626e9326744a917d56c8741cee1cf10f95fb0e35c18641f068b9b761a7c954114cb90aa86a3744ba1878c9c07bf0528fdb402d4dc2cf32603508bcb30877584f60b550b3ecf3503c2c9634ce1b9abfca7207e1c6a294e315220cefd3a8bb6a69b5ac6805b7cc62182ba928b18dcf94236c1d71e39e9850ab9caa1524c8628293d4248f12bebed86cf3690823777fe94f1967ab2b8f11f1c1ee61094dbbc4955f1c3c5cc3205ade50575a67e2cc55f16a854cfa9c8fe7cef6f3659bf1cab0e39f88ee44893c7f878ecd4f0c5a5bed2dfeda209f5d7bd6a6b1a745fff7b6b2764164746209499b3264fa59ac3ebeda668d3ad835fe71492184996d802658397df927b2a95304c755f94145920063c26eed0e3f5b6b959cc14036c55245f0531e8c6c91133ea44d76967412559f2b136b7ac87406a32df0a56339d86ef39cd0718d94045fed93daa9aa7f8e5e462cbf2ecd67d971bfa442b21cef242ac86033cff29a2c941e94bca83be7828125b96d4a4420d6bd0679e7890b1463a35b36c8b8a4591759651831a2d2f50a8715c6deeb44b0b5e8c386ae19eeb4c58344b0219c953fbf0f4f193a8268f70d117f3822d83a05ecf684d2c874e478d20a859839c2d05cf5bf347fbae5a206ca4e69eb7bc4c1a783")
keyctl$instantiate(0xc, r0, &(0x7f0000000280)="0e62ee565f25e9efd1d96ce7fa8b772fe9909cb676f17f9807baa7e2bab44ada14137894044403e105095ea781df2de32bf16e76580d85cae8f766e74095595904efa234266da31667f0c8d2bbc79984c7c93de8dbf52a108961f4358120e2282b7639964854397a370da2831a18e603423f72e2da4a1319ab8378271db73c9d2e92216bf3b224523fa322fac0be34ddb6d941425e6e77dc349af17d04c5ca673af910ffceaa7549bd13f859aac9b2967102e8f90b60611a6e57bfa8024d9fa5982a028b5f7789dd9015a13a1e2c66a11cab6cdc3970c0b60b34410233f6dac62735a1458ae2", 0xe6, r1)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x2, 0x100000001, 0x8}, {0xd9c, 0x3, 0x10000, 0x1e}, {0x80000001, 0x6c, 0x0, 0x2}, {0x9, 0x4, 0xd3c6, 0x2}, {0x0, 0x3, 0x1ff}]})
socket$nl_route(0x10, 0x3, 0x0)

08:36:20 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:20 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000)

08:36:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

08:36:20 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc000000)

08:36:20 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5f37000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:20 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  442.479336] pts pts192: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  442.504363] pts pts193: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:20 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x600081, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0)

08:36:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

08:36:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  442.735453] audit: type=1326 audit(1534494980.990:305): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17491 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  442.767701] pts pts194: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  442.812350] pts pts195: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:21 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2b, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xd000000)

08:36:21 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xc000000000000)

08:36:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000})

08:36:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1c000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  443.063661] pts pts196: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  443.095527] pts pts197: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000})

08:36:21 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x3000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x500)

08:36:21 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x5000000)

[  443.322284] pts pts198: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:21 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x64000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  443.522158] audit: type=1326 audit(1534494981.776:306): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17491 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:21 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x0, 0x20067f)
accept4$bt_l2cap(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xea00e1d67f54aa1f, 0x80000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x42000, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000000)={0x19})
socket$nl_route(0x10, 0x3, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x2, 0x0)

08:36:21 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd})

[  443.721957] pts pts199: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  443.732404] pts pts200: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  443.733409] audit: type=1326 audit(1534494981.987:307): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17567 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:22 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x400000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:22 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xa)

08:36:22 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1d000000)

08:36:22 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x8, 0x0, 0x0, 0xbffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800000000000, 0x2})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:22 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:22 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000100)="9f779c71114bee27089480083f702536e3710e69701d04d3f7a39bdec664ab0749271941b087f0f032cf0050dd39370751b0203aa3a7e2cfcbc26211e818a3a09d42a0f9d39a58a205719279993ed11d75e4e4e608bbd48c8aace6ee38d797819c9c7212ceb700c7f4574e030f24140a882dbb")
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20100, 0x0)
sendmmsg$nfc_llcp(r2, &(0x7f0000004240)=[{&(0x7f0000000200)={0x27, 0x0, 0x2, 0x6, 0x1, 0xd29, "6aac80db36ea1a16d540cbefc11636953e0e4563b5301a418b9ef79904678fae874f7eaf8105bbdf29ea75eabaec7364803c7194a2ae88488a90af78e34707", 0x15}, 0x60, &(0x7f0000000180)=[{&(0x7f0000000280)="3c08be73d52872bf379296ada11a5e830536174a5a2dd392737555f3121ba7dffc60076309be5631283d4e74dcdc4255dccee587e22cf3d6ae5084583971a4a2347fe48e115b1d373775b337344ac0e96b562959652878e0ee1f81e6e4123658b4bd7c27d1c98df9fcc06e9fc1003745044c049d18d0ac111f424b6fe18ec8efaa0de428fb98636f28ba68a98d1018c425fa", 0x92}, {&(0x7f0000000340)="9ef78a93f2ac1f889363bc0ec9bbf063ba4d3a269ac67dfc818a0d0fcb849bf174f7c7f21d908b914e6c629aae40268d558bc818ae4283233aaf861d806638066b0eef18a99c7c7edb6864afeb84cc5ee22e52", 0x53}], 0x2, &(0x7f00000003c0)={0xb8, 0xff, 0x1ff, "8005b27f18bc4febdd46c742eca2fed491bb4deb7696382707436329210d5d386d4a7d6ce360bcc53e70cc21c586ed26245c8e5924b83422ffaf72e9aa6923111e30d3691ff6960c898c412273f44a14f0bfd010d9a49ad0f2c7d60bce49eb7ea12e489a1781da2e4c4278ca3140d3138a071254698f66a10d6f2485d6d0502e8e73bff1958e7cc8ae10e6371ab712b575ba1ca4a3b5bb2111d38d961116c34f95afeb"}, 0xb8, 0x20000000}, {&(0x7f0000000480)={0x27, 0x1, 0x0, 0x5, 0x81, 0x47ec, "83f3af6aa4ac4984529e047fc469e5edfe372052f5455553bd70fc4693474fba0e4b3b73f151a7a1b7db54ea420f0a9ae301502bf31a85f9de71625353e0c9", 0x39}, 0x60, &(0x7f00000007c0)=[{&(0x7f0000000500)="71e3c1e7958dbc406f6e8a562217135df15e79fe62d84dfa838113aaf1a5207b6f8b0eac637e872a8cec3ce17336e3a4056a521294de0dcb0ba438ea5c672baf381589ad04a3c2f838c760856a519c99b0cd6847d7075f53c9a007d2a91787cf66a1fbcf68581e6eb8daa5c7dee5", 0x6e}, {&(0x7f0000000580)="2916038137d7b4384ccaf119d2dcf1a58a523b13e99c9998a1aef352f43a135a83782fcb91fb5260f1cd22bf0bf25f3f90a2ae83bf9e9e9b9b7361b574d73ca219d78eb717cd91858d8b0cec0106cd01167298accff84d8375595ba394ea74605331d5970c1c494e8da8c57b77d9a5d3a45f14df091a8f12e8dc3b9364fadc7ea6cb18639ff1b3e54154ac94a5ee5ed4ddeed863360b80657a0ef5642dda4e86dad47d6f28bc1a11cb38873899a63a4e0d787c", 0xb3}, {&(0x7f0000000640)="9adeb8087399bd466e24fce3d33af93130dc6959dfb3a70e784bd5d9712e4538385f137e8abdf439474571767b012cabd8357e46243df7bd9158e0fcdaef76a50f74aad13584688e6f56f89c876682bd8f7c7afd11fe5dfb01e4092612c16da448f5e40cb6", 0x65}, {&(0x7f00000006c0)="afdf667ee6adc6305efe8d5968b28798ecc52ddb318e4678b60f9c80a98ce5a499393ea2b75bd4ee57d329a5aeefdcf01b16e5abc79ead5e08465b05457e219b69cab5dde74e8d50be856d08a019fd105eb5fb47eee942eb5b5bb1f83a163e04a4821f8799bcc989253e8d8992af3191e922027cb4a92669cc53b5b1f9319544c1e40599278571cb13a1b02daefe609368ac9eb76cc7d3b4907bb15f671ff5f734df39829ec786c736d98b3060aa2b751131b033067db73c495c23f6ee53be240961cc2c9e71239dd428baa616c5270cb172b5b654386296b96718a5ecd17b600ed0ef4a3e76d8", 0xe7}], 0x4, &(0x7f0000000800)={0xd8, 0x115, 0x952, "83ab33ca0044ba09663af37194dfa5e9737825554cb214008944a0464fda8f9e93705acad321f6c620c937f2e9895edda89ad61d8016636521b15e8fbb2109a443b32b3d467542e18053b7bad575ca0ec1cb20e535bc7ea8cf3797f3775b6f3f2f236276ed581e0eb6936bf14b71107ebf1db4d3e7adbca3c65dd64af604c1af2a47408928c4da29fcf364a66825c51c5443613d375ed9423c051e964b8ee51c0cbf3141c36024258609a1f57ddc0df1e9415edfd0d9c93f082c9b6dd0dab3dee2b2a790e1"}, 0xd8, 0x4000}, {&(0x7f0000000900)={0x27, 0x0, 0x0, 0x7, 0x7fffffff, 0x1, "f9908bd2a78a53d479e4dd74091407491ffcc2bb713eeb2dab136cc5a126e432abce98bea464faddae13e91ae101e9dfb47e5ba1be5e8eacc5938b4639da8e", 0x29}, 0x60, &(0x7f00000029c0)=[{&(0x7f0000000980)="9f3deb5ec0f4844269", 0x9}, {&(0x7f00000009c0)="97107b2df5c1349ba519edfe1119a62caa35e8ccc3ef3ff37eb1b3bbba7ef0218338c42d2ba18a5eba1e46d3ddd956edf553c0747bb286c13e2b58b7784d420d06966be3842e662fab016f8335a7790bfe36975c516a8819d8e480bd4dd08cbb02a2698392631fc05da08760006ccd6a9910f0c73169c43e831affab7924fbdb2c2cba3b82d2035547313fefef624d9aab3ccccf6f4f7e233e2d26b2726a64002589adaae3ad3b96e1dfa94818015c2f8c42e7fb59813c32159f920286b865575e8738050433e104d36b3ef341ccbdc44982a717775e0bbd973ab2579465b14c50faeec11ed39c67a73fea62b50b53f07f3f92874852db58b253eb4d444ba03e7c2b556ebcae8c0e66becfc5738ca8d290e85f6e37eded187b1b289ce9d69d515f74362d86cd567ae6f0459361a4f26947d88576412b2acfff006e21627c6cc647c027e16b42d34ff83115e11655f5dce423178246ea50178e3abc918ddaeb2c363b7d0c9e33eadbd093baf5875c9258dbe7d726023b3256585118e3d0409bf1cc10fd49e5401f57a9756571bcf8e41990001467f72598612b912844b19f8c94db346491a9984b7288e5954c778ebea76262c00b8326ea41b4772a382e340d1c61cd06481f7f0745d40a1c6f0f78a2a6b63e5811cf443c0e9f403c18a71fae706cd9636c02ec6ba7fb27aa9f07ec65d02da628eb03831f374e0b5252985f26cac4d9e9e6157d07e682073beb46d4d773e6077e29e7a18b00187ac519e4704f6343ced48d1a4a5ab2b9a1ff5a47b86f5bf5c46e13db9ab6705be7da2548dfff9327a567313cd4b77108da8f036d689600634e643080a92d3110edb5574b710d8ded5f500c437b85f5317b39ceab330695621e0841fcde26688c844f7474787d1590a01402c78c9aec759f24f6bc272e91458d8578fb6c015e83022cddbefe05eab0fce398965e5544629b155deb2aaa8bcb7291b6fb31b1245608a2e31c0449c049cce6536ea3e647e23cd82ba4fb9fa72d529437b1e4bd8b60d4b696930b54ced37079dbe4d39a833fdf302b7bf4b95aac39a9d3bb810faad521d91c096bec8a5adb500c993f190016f7536b53f48fb20dacd5436851b01c85140ac2a4ab2c35fa1e0c835dc9a55e6c566e07e5a23498e6eae64cec2508f1ed6cf994c0f805bf56e4868de778015eaf464990319bcf7fd3ba2daf83172d69c5f327d34f0ea7122bb8bc21df0cb794f0e0b329e4f4439e764dce88fa31940010591723a54884660a984c8e0e52580c59d217b01866e1c4ee1617562ef25b99ede4c0877228ee75526c6ef1bbcfbbfa9098e34333b4dbe90dc87f2a82e675e37e1f2da237d656e0c7497f30e9e50d82b810fe2a3faf5c24a721f2e88ea1f93e99fa1fa86b40ed6bb82a9b7a77d13c6700c545728e7725e5cee7d871007c34c6146723e1cb0789948f11ca526b07f3988f6a6d51aac8134eed1ae7d4328380ce784130819f6111f17f14f4f4c270978427a2831a3a4652e2735330dbc799d7459fa86f16269312a0724957e93857cd0319980c008025c933667fcf8a1006af50690298e1f057669459bca1422d8afdaf7100df6da826818d1aaae2a4c26a0dcf0fb6f998993458876d4adbe8d354e34da110b35edb14a47a2b79ac2729c5c2b4f433f85f9018fa096a5547532be66464737de72df0082951c4b69def9ae800cce845f02fb44142c9495ed4c3a507dca75fb8edd8d53d6cb8ffcf8a7b0f104e9a06078572a2bcc5edc5bb24ba75298e6fdebef0dbd09ad132f83da397e6792fbf692da304709361d6e1b27f6fcf56c1976129c50f0b7693540720c7c5841d2c49a0324e8a55f4885d1ad36e567719cb620a506cd47d3f093e43144ba5d980fbf759dd3817258f142553ed2e14ae611d1624d0d4ea0ae0edbed91b1c126a4701a225f3b4166c6db0230eb68b68c92907c648bc6decd67f0973402e000994dda783c37bc38319d45c7cac262d3f6d68c979267dbdde3acdcc3e715396c70edb46d1ba9aa47457e1d4fa5eb106939f2b2372fa3ec429fa6097cdc39705cb6a584f29579b51373b971b550980d87cfc527cf1ac9b6fd523f8dfb81717e6cff43908ed0076db93205aa476514b5e99ce681da76d1eb79ed88481b303dc1253add1c27c539e466304be0f249f672f5e66a273bf584d70d7b94b7d6f9e61dc0255453a3fb68eccfce662575a9e8751b1aa92a0e45a9f5c8d3ab2192f7e0dbbfdf77158645d29f9d8146aaac169df8fc37615e8fcbd9e4fc68e4b74e30d2b5e2f91e328327e48b19ff293757ccfa36d881a5de0910d93445fde7fbb9d3ef58abdeb4af78007783e0d4de87089873423c2792b62ce254795fdc96cb7d0cfdc02f5d944ae69219593e3714c6e3f88c93ccf1fdcde5f69c69b259921143a792d3b169a4f7b8c749320b48061f4f08a64da33566808c12a3609f95ebd2535ffec259ae709218ba7a63308097c804c03f200b924d787a9fdb4d4b7a7c5d4cfeffd73875e901c11db657d48b6d38eec094b303d39113536f93bcc366c2d0fd4da3d56ca47676e5b05487c2519fb15c6cd7324820a31ec99f8a467a23a521a562a280260c1f82ca6ece011ff4aff9fdeeba2c7302686e136224e04c972e69ca3ff0c76753da6d4512961a3bf5af02256958d9a2e85527a8a5c4358bd1586e87c9d9768f2a546a781c35b1d9a5466dcd670ac4b02d7b7ac01d0734cbb4c5627b49ed3dafc437523bbab5d5ebb8dde920abdfdf1b157f65bd239f5809ec35f0a485aa4dca716207f03521edc0792494422f10596053fa215c348e17ff7338ad5351e8a6e6e10fdebcc3dedba23ceba39d15c2d2b9303b182480964846dd6d5baf2a09aba0f946aa94244a1292b987cc03381f59013b2810317509f8e78a84da051830f169a96893b8dd14b7308ce88831954b2ba521cc4581bf7741da01ef9b42cdeb34218bc121eec0fd33788fcdec86ca288c1d0c8dea09ac4a47eea84ccb3a2bbfef67501e80334d568b10987820a3c0a2e6bdd17b0652c9f9a395d0bd75fc0b7728ff073c0923019283f3e206ce18703ef491384462b022020e9574c6d965be42ca943732f1b0a2bca4c6125f71790932d9750112b71e15afb24ed0701c19f351c2c83947f28d91beb94733238dcdaebc82df605f7b18c96977ebb874ee783187bc3824f37221d3b86efccdfa4135c69414de89a73cc1113d3eb838f858a08ae5f2204d7b11aa3dd9d48f6b9451542bbdd69d9eb73ca1208e0c6c24cacb73a61bd0b2b622e0d77aa70530fd99c3e2bb65e426d039e4a66c4db44d1c5f3be83057a4da15c3e50ffc12a7d271c9e46b71fdf6d66ef43bb1ca1e48adf4dd1aeb76916102061e5f07bff42ec34bd12b8bceeeb3b2f87371ffd70a19f1d379756e57961f9b244860c6b751bc05259219e2d33dbf499215f598bd580ca7a903ac30baf06500a0cb1ed17e232203456ec4c82fdab5dcfca54663e583094be48c29a179d0aa2d4f6e67d9b43feba7edd2957562ccf4ab1d60e09841c73a8aaf91bb57a7254bad33cac7875e8b432d22264245730647d9a39fc38f39088423b230658b230443e905dbe2f786e718f7861218f48059f107afb338453995e3c0c55c48d6fe7978480fa6a761d31e5e7590c91cea83ff7c24acd78f1565929678799aed15cb525cd536bef6a88537efe138cfec41ab0310d5152de865964469754fdd790e652daee01d1998600bdca10225c0d042facf929c3a165fc401a8eba94825e643ccb0486d2b8c2c4f148e4a96da6bab0ab9833b415769da203e093bcde4c0d4d7de076f3b1ac404c695e0d08c75958a7669471d719e9ac4bb2bb611ca4000a8f0780f4215fb8cd893ba70a391b4053fea54608e7ba855c131c357c5bc6563dea0fc9bcc0bd72693f22ad5cb2c817daa2b969bb683f1968af9895d20c7f40b8bf0884daa8f1ca550664bdddea68323b97ecdfc79450bccfa08a73935f977a22c0c5653123a4f9240da03e2ed16e44329f7837158d8977acf70db4afa06fa7f315e72402791182ef952ddd48f6472cad0b3b9e030d67c637007e5b3f028d9817077279d336e5036d8264f7ad3c5199121a4cc3bbb4d9749bab8ee0848d5dce134866ecb8258bf1afdca7b06e9e9331c0891a9a0e728a71032988cc8db56f61643db625e6d51053c79d642e5dbad87d92c56d5c4edde3f5685cee4de9ec55980710107ca49238fed9274bf4a795dab6b9c67df3bc23a896d8cafadc472870b3973878063fbb2c4192c78838f5cfb5e7f56a1eeabd56e11ccbf414a277d74203dae552bfbac674f1067f92cab506636b8c3bbdb4e1aa724630935f94519b322acd5234f6829c8b36396ae3882e123cc1d179ed95afe3f9b303a82a14e7d8cb89faac11cdf2e8ca36ef21dfc1e681c2d3cb4b454ba19db30ebae226b51f84194d84603b7fdd946a26f6af6fefebb763af285f0c128a4d311887c01bc233b99115268102e3473bae43ebb8dd74c8dd9aee9dbb875dae03f203e30636d118f53842031d3f3f6761dd79db8b7d07cba0416e257eede7333828eeda2102aac5b1b7af0e7817474a4fae7c7b681ab85d0b48639d36bd0aa568339dfb1a42daae3b17391af592827a8edb6b5bca13de86b5ce2a6442d1abba5432cae395a71bf4d41cc235724b94dd6e022269345222aa3e309baa417ac396d3af203db83af3e75a076dfa94bbb1d5416240cf6c3b6acd6ddc852972993dde3d21e84a55a060e4f4687aabe042aa556d5662f2255687c6aff0a52cb316cd35320232e587b6b2cd65c17b93d4d01ff3936808151fa0039f87b755e5704003142d5039c68023024f82318670edc43e352e46552528fe4994a1fec4b49fb91771d1b25a3bf86d8c1437848e0485df8ad7c085e19810e37fc85f21e54d3ebc434dcf28157959e7bc095839587598f8c01d183b95713e18afe6164ac9ca5a3cd2fb24c4492809499f46bada5cab0323752f315ae37aa3cab178426dd8c2358fa0f404ffdf94e396a094f61632671a68b880cba8f96748c405d6cd51ae88a3cf9972c1646a7f57823c0e00d737acbbbd1e55cfd1894888ace189c210c033788778d47ed73b0bca4982933e2174bea279d8f90b7eb3b0d28d953099dc5ee5cacb0000378a215707c8cd5e09b3cb8b7e73d093a92308b178526cb831d14eb75089b2c966d9999b75b3f19fd2b284a71a67c39f9f6489a4aa0851148b4303005d8374222fe249fe503ce6225f2bf970c66cacff3b07a27b1aba530ed70b50da4ad081288acf40c4bec60303e2aca64688be99d7b7f61ec5e849d2746d0761b882aa820d4e30c3558c014c69782c714bcc3d830eaa68b002057e117de1a978173361d27821343de9b174e2a6b08470f50274f702d27ddb6a11ea6140d5643bb155019bf0a9ba821a69f289b78e7d60279fea1ae9203ddfd29a10df475764746e69c56387896dcda38b635b1da1fb2bb5c6fa0107b0ea32051ea8d037616885b68f4d342d2bd5624958ee826a4c5c12d0315fa96f0259f356aa29730c8ea45e0c054209a343ca60c1eb6b39c7c09ecce273025ff32ca6a905d7df805f7b57dcf641574500c187aede440aed467d06efe44307d8e17892d56f54d70296120457ac8693a2de026eed2932cd88b9d0539e25aa69c4149093e45f64c2668bba379217868cd2c628f1bc9ee8eb9855a6f3784f7dc1e0b154a456eb54d595ee673ce11004e3ae54c104a3a86f929349026fadfdf7bd3993fd03cd4ecd303d41c896d1afb145", 0x1000}, {&(0x7f00000019c0)="2ae8f63552cef4ba792edad4a9161eb32b3e2bc13318d9a0025747ba6372e63eae6966e91c3a579a22b40f7792def494e16de8706e3cdc9d8a79bd604567ef0606907e169cbe3cc64e94d09f1f47ceffd5243cab0d5dc54fbcfae4b5a0cad16ad36dd94ad8e63874e3c65019ca2498d975cc12e96ecdf5fbd780d2446aebd7ddcb67b1744e5a73be80ef157e701950507f7438816cda3a8622dbebb9af44080f6c9ae9dc3722350c49dd90d61f57264c010a20657c9f85b98b1e0aefae5c332aee292f59125661383e3edfac7e492b722bb19666a739002499a9f4d5d2f2e40f939ea3a6283af8f51960ada77db0e3ea5c6380be63c2a06a545349f8cd78e6c3623dc78c14d1331fee6fdc5a6d4b1d79bd48addf7f254261c2dbe75d7f2c246de4ee93b7c27f8252cd73a313f7e68090a75e6b6c672db738449acb42d9645716c91e5799e551e38c22fa6fc0d53d6ac283e2fb9001fefe122b894526a0bb3877b9583fa69e971453cc1c2183a0bab4f1a8b340735bb82d90d85834b9de2dab214743709d4cc9ea96f70236983e6cf288c7fd6dcf1d1f92d52705a6a5cca4467c25e2be9070ee4487e235ac1c1858b40b695ff19306ab2ec3b0a8ea951829fb691662cc0cd1b566465857017df10d5060d1982f063993b5dc901a352003c349ecfad990da7194807d2a888e37ddaad45da1680df87e2bd00afa710d343a1f8fe558498cb38bec7c70bef378f362928d7657469c2b4e7b5cee56808662e64012456b7ae796ca187ae8543a2a651e60dd78113bdae88d586dea8fae83a8f6a63b41954b07dafefa76baa7f298c20012f75419966c24c92293ac23f4a92105970494aa7a174d5ef5b87841055eef3cbe6f63b6e41972bf773816ab13d685f687f9625b0e9c5caeb2535044e7d0c698d3c28c8f2fb4ded928677510b4637c002e72f9184614098e5ae5e069f8a4c6ed9ba41ca1628dcced353d0181c7eb4de7e9c3887843aac9793f1f128901c1b4b9b0027036284b3ad9c6b13ec72a9b6b68c9eb1bc8820c7e60ac5236cca699a5395414c961325bfcb4ac1aa35915423e7ce5ba40f88b45451ab3371ae88a472d8b616b90ef79ae085311a6078fc8e3265095bc7ca086a0ae81afb49a2c362d05ac12b23df601e18ed0ca3c13924910fd57036f7016b5e20222854d874a3c550159da9097a416096a9d9f65cb0df1ea653be6d65a92e12381f5fd41811bff4e176c2311c2dd585a9672a0567b532863dd1b602c5352499cdcf241ca058a4e27ce6b7618a1c0c77b038965ea97eb102aa92befe98baae6c8992fbdb58a707f7538ba6af0f6db13d615078c6c106aaf1e458125135d75e0082b6302890a1da34a8c079bdb6b3bb8b70582a7d0f76abebba0e264d24ab3a6c69804c45ca841fec3dad85b51b21935522a9df381793c734c664a80d039ac20c2cbebf933fdd806325a9730f0249fe91e4cf04976e7c2d220605686cb82f2bc857fbeba57fe5e9045d434a0f68e15d08cd942378c45b5625630c9f6ffad1787dc52225048679c2081eea72b6011d924ad602df39047f958719021e8bfe9e131c995571a0f23bf85e44cf8c85d2da12e0c71fd52eb9802a26235577f687d3cc5ee24aeed88abb67e8e813df9d93e8f2c322934602b59b40df71d75a7b8adecc8a279fe0020928983d32bbb23440321170b92bcc269d87e1aa07bcfbfff9a70f261350bc005ae16c89f5a04f089c9428f53c7a39b19341ef428411301fe367ad71465b8d5f714df3a855374a4f161796784a0c16c3a6c5da47ac3084a5469f92d3fe08483d3eb71e1393902ee9d729c39ecb00129fab5c4c45319445ab869674ab2978b105c00e98487d91059f701ab3ef65f4670f81f28f9fcae9d1fbcbf10214fed86946e59ec4f089085ddbf60e0738390fe3df3a27dde5ffdd3626b589c1e69c813640d78d24185fcf18d79af628f3a1da6fd229feca2ac35e2b545feb341dd8e21b1ec18ce2fa80f480abc5e7e1e53bfefeb011bf4c77be584ad69f0f3722f54af82e776960a0f50f7063f5cc4f632401863cc2d8373e90e12917dd6e445990190fe4484d8cc310d9ee081dcf3ca89d4d6613c58d779a6bbbb3044db13de6b46086ea1a38345c394b72ba2bffef5db9ecba26ce2250ae4b1435e2f9c484201b45d76f6aaecd3dc342ef8402f7dd043476df1943d9a8f26ba5f154b1253a46550b28a3318590f505bb520c5f3211e50343f5c07c7bfa425693ee2a3aba771d6fa23a319391decd3d409efd2d5f4634cece0070daacc38b6521156176b81a33e6f8a323acca8af39f62dc4860b41bb6a5a118a4cd04bf2a1dc83bc0f6b6be80ff9d7fefb80303177e0d6d8435acf401b1fc6aef7a27b2560710547b8d4e55b70761038539e3c76b52310e5bf4214a0d25c473fcae0ce079a3038b7ef208e8e8b8a5a28878bb368c0e1d770be1f05f1b696537b9747273b02898c065dbea1e2ef38c15f0df2d765fbe4b4946ed3084508a0a633c855b17a63383c6fd98e87a06ed99eeb34f665f8359fd4876151b353d5be77c64f74c48d4eacf42d93b121de054e07739fab0639ea2aabe8de8ea1a66b09eccbbf520c8250635cb3573fcb368308093671e70244f89a0d30441d122c1197665d1077dd97afdc1f5d58cb033444d06fb4f37f8b0672b840aec8b3a56d53409885e7ff90fcc97e50e62eee55f452f66a6e8b3554d2ccb1367bbebaa961475569cf1d247a2de015009297547c1e2da1b43408e3f183b5e64fc4a8984769ec6fb303dad07c9b7388857c3d5c617e68e6c155b89c2254048cbdb26652b0c8ab31877cc8732e609da2961c6e7260e27fd84840946577cf4a4a944965dcdcf5a1df23c37a02b9524a80911d8561463799b7238daa5e5fc0cb5b3e7bcc9e84bae0873d6a18b7694f064831525e45964d5465bcbb4b2841f69bec8d750a867babb2dbb044cb7724acf5a65befc4f26d0dec74788d6f4298d016078fff735534a6d44fab761996f1e6f53bf83ccc8c5f14e16f0d5c08fc4abaccded5608cd69b467bb2c104f18d0fb2c0d2cd8cc01b580bbd06cbcc9d400ee0577e9e16da4f0ca528925272354ada7a3b0b94da26662c805c6bf983093a104e01e904d2688cb7c80a0ea9c1dfd41ba7d5c63c6630293b86d876a1eecf8380b691a14d0c877f17ccd97a710e25038fc3318849cc1dd13abfc2823083fdf8a5a541747bd9763eb27c0246873fe20f8ad74050924c1e4b374d6bb1187661b6786f755b6551609a021894e1f7ed6e7966faf003122e9c5b2c10443ab0c5f6cc1f2a30ddb8f07163374ce3a7e153037264437f28f2eb33ac696be3743abd37a3dc2090a93bcac3cc3775ae92a840e320bdfb085377698efaf5a380733ae06c7f8e2786cac3598d7fdf35d258355dd1cc899867c00b6811aeb4a195832561aff7c7fadd6bbaac1a62c2c315a9d28a1eaac25e44b332f556a58690ad32c9c35a378fd214483bd9f739923d17c3c809fae7d2c02b21475d9d6bc0fc987ac29c416ada8e601675051ad6978fc671fb88ed607f4934e2877bfadc736ac244e8fd437ad65c7567030786c73382152c524ea8782585bb4106122ef25cdf1db67b8f23d49240be8f143be565b423bc1fb5f247de51ebf8fbd7a3adc2186bff5537af8a90cd6b86adb679814c24d842ccb77938242cbdccc7fa2762d246b6252ce775b97a41ae8e137158c810a10a4b0738b5bff1f527a122c7c02b0903d12dd120529e43e0885747cf440712b5d52bbdde5298d6ce9570b71c219f23cd349a8f14808512c22584f43615ef8d59677d45c7f0d8d4a3bca0385b7f9f8870af388d3741cdb67ad966d4b3a54a8a4b5adf59a9e25a4c1e850e0c850765574d74ad2520d00544a19f9e0081d33339b23cae5a7eb42a501d9b602ea2362172e15495913d99c9fc40d6c8d2f861cb07829cfc15b71e481ef412670a41296db34790ed0eaf5b88b8c6276fbf136f9fe6bb67eec7785a633e7c6806fbf6456421ec8d9a5e0e8575c794e38d45085f23c48ef1e671635cb31a54fef3d07ad34bbc0be65b724fb471dec96d3147a07065144e48fdac6cca84445282ff215f90a3005d0dbc637e996b38606b820673275a2e2298b325bf8fcb053dd08c69756b9f3423f910dc82d41eb800ff7328a78e85d670b0dc7be317f2e956414d77df6ac258f83cdbb803fe94b4f43465db021e4bd6fd1e41e0cd1a618ab2832cde3d41a03f2ecbce19391562e874a44fd2661287458c20cde282f19d8fdc0960aa699282e8db47bfd3bb2dabf24afa071bdbbd98e336f6fe671c5c438b5b858afac84f07519830cfc5d91156d8f0095aa2e3386300f05f53b617a9435b79f148b61db1da60e253e1b064bac53ecddc7e7b00111bfbb0b2ff96e7fce5f511c8c514c1023c972f5036cf6ea7d78a76c965f7d7019b7f3e2112adc0f82d976384ae385acf63c2f46cff783b8f9e17841012145c44f558241a2d7155c578bd2358665aaa20e9729a21edead54a1f9970c47e42e3f7b7c30c65c6c755bbf94b75ccc66d500960cb8d96ddc4f09d923498e455becfa87a63634344136dc3ef89db95562d9b2e274fa72bef62336c5d411209cafb23455455155a89ac6cd1eb317ee45b6cf40636547a27b0e16308035fb461fd96bf581fdc4f598d86c493024faeea33629a7a4508936f8335a9e913be65c2593da013d952ac778978a8335d745dff15e0a94990b1749e8473861deee5fb17f2ca8a50eb8c9c90ae60648e0ae2da2d0a20b22284fd5046443d2fb0f826cbd99bbe768d0abe332b66ededb7c5cc9cddd3a72045b4e30f2b2fc20949b1f3bfd344c2a8fab51f29e23378d29fce1b7f8b0b0859c165e1e6be783bf6cb8d0ca0b19d6fb9cde5786480935147886474976394f8162eb3c3a967d7167cc799c3b8a71467deb61eaf148b42498e75e1e4b69706b44e73a8d87120a6c2add9fb4ff45e9cc954f55d49e75a50aff1fe719b129e734067c279774f25360c818b89ec30f10d03fb79dca70556a294f955f259a101d9dd0182b118192a1191855848f68314c63680e6504227d54f51500a74c64192a0977e4052081e7a91c28e0a1cd219add17cf2318f1dd14180076424adcbee5bc15b5c0d38c6d45c63698e108055dde148e5dd4a06bbf34eae6199733c53ab56d4640d7ddea2ee03f13ffe448fb6d5f680b6e08445a54362e1476c4ca52ae5088a6174825a97720b93973298de9bf7fe070c1a75bc1694e5556037dbc09fd565c55f72f56414c89a4f02f81e12da3dfd5a6cf9b1adf1e4bc15980eaa5efd4867e06f364278121b14037ed92d8d65f4c8ab62f944cbccf29e91fc8725961fa75bb947e93e68f76bd54525f91197e25f91e056371e8685dc15ed8cc77ad6ffb9f65e5d0c5b446a3de21a93318c8a8b3ef6c0a8857be5155b5d3e7f5474e1238cd9426164a736f86e173782bead4c86d00c8ec3dcd2966863a827fe94793c9ab6741ac582298509448223e3106884612cebf281b47ce9872062e328fc905f2f401043e35f2253992a7784574bad31a11504937477e7d08b1a787c99735cb8ecb5ead729007035ba43c7d668655a32a042d7d214b25f0ff728206cf7263d7bb8c9021eb92f9f720d5cd92284102f018c7870243cec7cb498402f883db9bdeaafb811a57bb2ae95bd1d147e1ee1bf9e1ed08c2a8869eb61a1f44f8cd61ea8480df000d105235f26b28b6bd988c8153236d045cb7214cfb6cd77ff268cae5d852f46f489f785eae12f", 0x1000}], 0x3, &(0x7f0000002a00)={0xe0, 0x103, 0x8, "5e3d132a0a59f5802ca9091270402245ab0f1c2e545735021fec5950c4d68229a39657c2f11e52bfc6298130495e25434cf5865549e58e99b4a9891d656c8cc377153f5ed08a60e6161d3902c2256305c9f303659402b231f368804487e3440646c3c9b0657b6e7ac9d461bf737334b69b12b5caf0ef06ab3a0aa4902ed19a8666c95a8f8d07fcc3cf3b8d122520fb03322f22eb26e4538b8afa08a692589912e8fc04355a665c0b3abcf84d83ade34dd432bacb1ea29b326f86814873bfa638c78500f753d820ff5beb6b86e9"}, 0xe0, 0x81}, {&(0x7f0000002b00)={0x27, 0x1, 0x0, 0x0, 0x8000, 0x101, "a53d6879e37f68c7011eabc138c32da16083a833dcc5ec024c3915b25e86f7873d947f8c3d266df9fe06d796786508cea7a554e7fa46f5c7ffa611ef6f6c32", 0x33}, 0x60, &(0x7f0000003e80)=[{&(0x7f0000002b80)="3a1912a8f0069a83130cdb26fa7c267c245f1c1f63eb21847084c90d6d7b7a48a9c38d011c24ae4f6fe97bf05ff0b147dd626814bd8667ab6bffa8d492a6fd8782ae45437fc27a78e54b3253972daace84e12be546b44ce9f2e099d18920a7dfa41173520cee85e6ab0b73464637b4878b68d6d369ddf5471f57cf85dde06285692aef99b176c14b198a56391a18cbe2e33a3528aa7d62c8f635b296a0f668c0459d272b5bf870a1fe1bbbabf4197f0dfce9b50d422ab13b8aeceed394ba65dc4166162c78c1d391b91c1224aff004badc9670f0d4d21d12313ef0fada6b202ef8b3d02f122110a67fe02e3275f9cf1cae1fa46965dad4cb057a9a85b2ce4fc7bc442640b1fdae855c8c8d315c1a24931cc048589d79fd206ef53cc8da25e779dd62efc3ecc12835af7bddbe8d9a24835a1a04b046c833ca7dc340b1f27edd0a98a239eb3d611dbf6e5d1dfb9358cf7eb7cb0d6b87cbb700cd2f30c0ed4bd733ecea4eb7a8bec98c48c36bf9b8a03de1e26637d757d5e2894c3f0d2678399f34cb134b1bd9b0a1bef885d33dffa6b5c444dd9d23504d897615097a5ce555227073110cd0af1146bd57843caf5a7032f5d26bbe222f8e27928c25000f377f1488b48f424f1f2a26b571e5534adecf765d29c413f97a4cf38d5cd8bfae561e778603505616299c581d0a851610f935568cb4e236f68b01c01b6a03b4dbba5cb93e19f25faf6172c54eac7b3631667de0b451704bc3d7563b16fe400cf5f85d38d055548475f9fdfda6534aba28ca265ffc2c3ce8e64a2a56a8c1eca24bb88ca1fb1ad37f0d7fee6e87b2780a3678f225eef9080e6c26adeef37e27ba119378170a97c974fd71224fca0da9552b3d13c8fb930809b1a3ca423a1011d0d97432e8e7a5706754fb05255273c8306d1729817d97342709a1415b0dbea15965e4fc2e38728a211ce5cac56fc2485d118a8f24a6529ef65384fcfa399df156c6cf0250d60746bdca11b575d39d006b4646eb06a0f08a62ab2c1472460d406a302b4155e087195ec5703b980c18b311dac622015ac1397801938b644e52bd1bb70662f69b2adb0e92effba3be3726aea9f53a6ab528ce00a2d912ae503b9a4fcaebcb5a211a679dc384aae8f4331164bbe6fd181566c545584817102fe443449594eb5457affc6cfb075ad0d688f01e174587a94f1bbe3ce5e753b973024cfebd05c8b9e1322048c06ad4324a7f0c58172bb80c34cbe02211776f42bdbf49712f50248da55e82cbf673cbfff2b6eed05e7399b64302a920ad1d2ed0a215b47922ebf4341a1fd01f646abf00c96adc9cedbdb37be50480f6a8e89ccb939ef3094a5d61c21091a0569f114e8842fd09ea0e660de3323c3e1d14a0f33ec212ab26e480e51fd2b33ca53b5bcdd36acbe07e6ad7e1069abd253caf13f9b2ae16920ff62fe893746cce092812da48bcd28f6c76273958c906e8fe3d20178d30e43735e52809c21e446b1d20cc00c71f368ee52d9a622884e52e601710773845ccf2bfbbda5d841c65bcdc6ef4a0341bb4fb543ecaea77093ae6f3f7fdc8763bd93dccd874fec6c2427b6e9d57ada265ef387e643ae57d0b527ee32017a5eb318b8c025174648961894f561c0f741595087a723c55af20b9e247681520c974c1de583988ea1594d11681b6a09c8bb6821b20eaf21511e22e222e3c461158b27ff125ee3066d4be13af787d67ca3767d83df41e465e255d55189a52f96954889954cde25f414ff589a3a493181ac545b28a42183d0e0263b607da45477db7db920c2545626605197925df412279d86875f774a49a85548fe51363218d250d14e6ad28553b78770f5f10c3b210f396ea2a30507e7bd02faab2a8a7164a353f46d45fa0bf116fef42b09d44f4d053a98451f8decd85dddbb84555debd70fa59ee86d8d0b25ba0c186a2e54878e3f2a087ad6187e6c112deb3ef91431d47af05fddd003f03692f95069872ef4267cbff991e42ef47e84e8d79ef27cea79f3320a4f9d94d0f0627aa07cfb64f427070f09ffcb1fc707e109364b08f53669df355ffb9ce19ddefbbcff3154e6beea71a44a3328b4a3c19e9720889f4d18af4d70df52722ae236e6aebcbbcd7e490c5c569463f87242c56f8f893f733c352b047ea685b6604650431421c8387263eb0067d81466ea9120216e2eb1df91b872abe456c076800bf02fb48642085690333dcad5011ef9837bc485caa4c9e2ed853033258fcd65634ff61ef015dee4ee2711808a912b4de0a97f2758900d5daf307ca05589ae407d4fc6e715024135e06d04b4216c1154446d994f98b8c8ae48699fa80d06be4966c0fcbd4fdf85aaf63ea487725336ce66c9dcc5819ecc6d30652de0344661102ab2146d2a9dfac033d9c3f673b58f42e8cdaf09fb341b5aa463f38e62c793a7dd5e57cd656a72bfdf0be4a95bbeff24d7d18d538da4594318b054c05762ebe8d9bb17e72d392d84aed9969eca3fea294eb791e8aa5ae0340fab08f392a2597c1ad176b8dc9aa78e963ee3cfe6d837c51f77a1514703fb1c36d5008b9fc726b5cd978d7d4f59a9676835262261ea9fb86461d28599d7dbad7626c876446a4dfd1f7780b3de64df03146f21849e4e33fee944201c4a6083734965f29f39bb537fa40719d0ceeaedf17fc6de0337a4f0f88a15a51fd56638834ec2bde5f28c3ea6b80bf51a3589c503df4792fe4ab00bb62113c3f7587a69f70f998298f4b85d42cf7dc8c0f08b730baa359fc63543c45de8789fdfe18ffbd697437f62eee1428a7892d9c7641988a2e8d39dfbf938d00213fe8c430c6e8ea4845a0c34873bc2ef6b7adaedbd14c34d6995604e624b91e0575e93ff862fb6080e921b90de57c4bb19a1323265a5cfd45b06aa12f36dc22083fbdaad03d58fddf8757443bb73c9d5940b249082abeaaa06a8795aceb87bca876c3ebe05eea6c206a5a60584d40581ff5b109f31575614b9d27d6cea4cec90b28ef719e35191143e28edd81a44be7a5f2c5841e482d2f76e49dddaa39095e4afd56548829e7c96741bbb34c3ae24fce8a9da2b51ddccc8b67c8d92e71185b2127c91bfbf0f7ca2990f8ab88e18157ef61732c40d276f482e212a1d3a10063dec3e951150fdd9224c26e5f54fd384419dbf5fa4d232b5ec43abf7a0cf004596f811d262803cc7d10c787bab02a78246c310abdc12920974e328e17e97ce0a29b938305c7c797203b29775a494d35bbc927bcbce9d70efe9e1d2988f465daaad78c8bb2d7670f064485e850cda8705af7edbc9401776856ee9dd2ecff2baa891b7215eb244dbef035a5b78d0cdaa915575af436be7237345ab9d4460356efd54498133caea218b55bfb2d6101f33b8f7622937d3a49ad0374311e8c4a04209cde2008daf55df9f19cc6ed56d91da56638c3d42b4a23c05e4cbaa4e1d1f6366996ebb2f74033d8b42ff7ef2d20d350ea529a32070148e028111ba941906b2170eb326337d3490aaa8be20b053c89d9fba45060f53fc4eff48e91a2a1daa30dc1e6742cf351b0ab604af0181ea3cfda6fd92ed2c17ec45409718af76c65b0e5da35a970804467c99091e65b1d626e500c997720920d7ff852c49525daae869214435324bad4e8947873d5135877088e8234042902f470f23d937d65a7e35ba89199dfb1ed5ae962b19c8e611b5fbb59a040c820f1bc718295898caa9db2c5f9af8b4199ed98bad3b71e7b73e12c7fa1a17057bb39960a9f5e66c69d5c97de1544cf34cd63ba93468d8acc755a4486a27add916a1104b308995c245b994161d94dddfcaeb589348fe0c9a61afc2e124f555e47f5a60cb595235157cebed1ef9c5c12420bd13c1b59230b9ff92ae6db53c662b1b7827f0079808e28bfb63f46e824f8fba4e91f278d57364944efdcbdf3db4c8416e2112d7d36c813c94690bb2bfb97a34acdb1758e7d9a69367f4de608d53ca8d6b153ba5c4b73a3882ebf63d22fcf83c936a2ea111c1432f479d8e7cbabef394d71deff4659b2324f1f487c62fe03512a5106c0ed02051b3815d15b7f15c2a49c72167a80b1e42aa54b973f5ef533c3cde8b95491bdbf01e6f4eae781c2d647fd82c4a6b871d448046847072a782efc0993a1a611e3e34e166a0507380d328cc8cfdb23ea342b5db87585ee0fbdedf37d8e5ec3a43d3f13b26774eb7631a7d2326d28c169ea9a9ded1d521de893ed7183a448256bf11f7eb8cfb20d7e127fa5c0461aea1ece55292c432f067731e76b8cacdf79f116477c7e98d3e4ad20e7cd26ee0ddf85da11da2b16e612268ac7fe7b5715e9e1ad2eb840ea19e1a57e96c9aa4c16929e9f9943aac6eb6e56f407a0e0a9fb5d64e72d7fa9c4b8995e7680307909fa91dfa0aeb7d4ce1de6a9b2201c2c9e2289609149cb51f2ef22eb3b2cd513a9165aca5e8dfc879dc5b736b5bf3224e1dadf0b1297404808b9e84cf86d5456db67b1a75552e4dc957a7cfcc515fb02d26b591e2b47e8a07b71d6895f7d57fefe0393e4a56148f6f9c6ae98d2ece37922b83dd586c28d791831df8e4f850de439ffe1592dcae9b1642d6d9b017341bfcb27fb7887650e7e199df3bf58eaa9ab1aafe884d1b7bcdb4fadc7514e464d087ad96177a99acb8370c9d18154c3517c905fe7134e3aa215c0faad328a1d9682b0229dc04e812bd75928356884d2bca5880caa0d3304fc7612d9b63db8c1a29be66770b6a93f926d90a13e35b9a5be2260aa74ddf30fed35e80ba0bd5771241a983088e815eaf3a6b08b11c1f53637fe3dcca0c028a41312e1ae1b1e82de76a3c41fa4d865c8c37cd584ce8d735e96e4779b362b7eb5206f086b8b181b7b368bf8c679cebb87475eb57d4528ebfe636de0d1b1b2d15e9608e8f7d3d48cb0a7a904bff096e9c0995ec85545c45b778956909d39eeb9b168d810588fd4c21353f59d8e919e182fb0de9b4caf30714871c38471e06d4dcf6a76c521c86ced54f43c4dc0c0cc671fcd27e057e6d583da0f1ce49ec396a3065340085ed98e6e4740e0db5403255361ec0a8aac70dfd95c4f03ab718b875aec6e49297710c956f65661eeae789b2db1bdcc281f58c9bd5d81e8b6d0853e0bd36bd69c9719701c25316b02da9c8a246f8e8608cdb8c0a52497132778b662faf015098cc3b19b89f4b28e1427ad4deee0e5fd2cc25399b44c89c3ba57bd4472a873896744dbc295133f3fdfd5001d59fd5ee427a1ca01984cf43f858aa5197c735b157c9b26f749072a0290693143fc9caf89f80be30f0062c451bf5f894f23e64837247f8cfa838e9b6a306fa94b86f9fa7092f9a48741166a2e5d4f35e6f1fc0b4658184874466d4a432ede900cb43670e5e79caa27ea4453f23fe0a4652eb015c7ed8ef0b8c1675332d521734a58307f6b71e8ec29147b2c7adfbcad31f03d125138f74772521a1c1a2ba7ea13ed686a88e71d3669b3ffa17010d6324952ea8c0c7af071a6100b66fcc117482ed9d757db9f6e196d336ea1c2caeaeeeac5c7854e80b6ff42de3ba74836c43805e326c76e32c22b366d459a3b9bbe34e051eb56f7d6e2000b5b56e86f2a2a0d67830516032ba67a956754369fea53b3f42c463347efc75e2173bd668c700e73bb0470190ca18d5d1b2e800668ce30295ae70faf9137132966ed770689706438ef17e6621ebbf20dff5919721306669b2701a66802db1e11c00377a262f4d71df16d385bc0c39e413372a9da2b14e091626a4b3e58ddbb7037d892ee57b130768d26c80ede1d33524b2f4bbee3cf0e102c", 0x1000}, {&(0x7f0000003b80)="0990c401bcae3d6771c908705bc660a11bae9de828b9bac3dea18c0b1438e357df30a9af8a23bea83cee30d0a39a6920116d6460c5f5811f274a9b85adeb352c17603979fc87b5744e7c17ce10414cb2d20ffaf095d89f2e3e52bac14b92f1526ff1e6438c812cc3a688ea135a62920fb77f162fabbd69dc3e9e40b068193befdbb29b441697ba99bf387a86ded764bacc3b14a88804460ad08d0526716dac1979a6cf5328e610e10e1a8f7b7e183acc0cdb538baddeb3763ac0e02ea8aa978a", 0xc0}, {&(0x7f0000003c40)="6296b4a212985951e90784f4255f8b8fa3a620aa0df7b727ed9af19a64c94ed75ce9968a3b9dac6b9546248dff1ad43763c1ca719a9ce3adb73b7f9a746eff325da92ed6d9cbb6ef53785a9726f6309b8a6889fdc5a796cf193e574cc26ce773c6e55c6f2605070d7f1d17c96e533dc6cc54d77468119b7ccfd536d14b7fe7fffb5419875dd451fc6c0ecf061cb497894826a21103e1ef2e38c500007e5f030b074162e8f3bc496af9a4d538fb5cda560e1dad3f81ce34b75f1c5dad4c1f1b316f88d6bbc8d0d900b688", 0xca}, {&(0x7f0000003d40)="f092ca7b21b4b14a055b5c8a226871a49fea094cf113eb663fed5306513d2c55947388ac69fb8a962caa1caad9c45cd00391c3e3bd549709349be665eaee952cb0", 0x41}, {&(0x7f0000003dc0)="9b70dc2b1bf6483843a59cfcb13a58a77b5602c89367738427366056f50a7ed5f065b905c40a42057a9bbfa00b9caeab0c4b8d28b8e8a0265312f02a9780d68cba246ba887f04cdfbd56efa05b3e8ef80cb99b298c7567098ba6362fc5851e2dab120719cf1901301cee107f8215adac1b823d8caf0657694dac46635c99595d04324d9f48d21bb8210b7d3bcbc7", 0x8e}], 0x5, &(0x7f0000003f00)={0xa0, 0x19f, 0x2, "61a1990da0f330fa1dabd25dd5750edcb88fda8d840698416be8bdbd648702b7c7ce5e8c7f92357d57dbf01a74856374136e08f204f41e3c67be54d7745933a9bd5672fa043d87ec8a947e400dc89dd01ea704656eeff57db65ad33206bd3426eedfbb10da12691200e6733926155307d01b8b602adf8773e5b5b681b2ca8374606c0794bb23de060e9e37"}, 0xa0, 0x1}, {&(0x7f0000003fc0)={0x27, 0x1, 0x2, 0x7, 0x5, 0x6, "bb1f499dc8c4dae3c6bbca1e9bb3d94636842c8ff72597d1938ed3f68994a892546cc56cc562129d7f9deae410dc4cae264ce90420882ce0d7cb988cbbad60", 0xd}, 0x60, &(0x7f0000004180)=[{&(0x7f0000004040)="f8c1cfc515029a870f44c436f6e04ecd890dd4864f9f2123b3dfdcf38dd84b0ccca15ad8dd0da97c833a8c3abdd30246b55d87d4abbcda2c2ded8783556a90c805923a2a972f4048ae8210395933281c5a7d0146a06fe047dde83ab19dd6cb7a825b738c9d35fe848e8a92231be2720dfbec8062e825dad1bf74efaff495f862e50681df91d179411240a31b3b28134a755386cf0e4546fcf13e53c67afc627697318ea0ce24cbc0c2c3365952eada6c9c8c46532e02a07715894cf417e74b70b1", 0xc1}, {&(0x7f0000004140)="cc7df40404588d4265c18b1e1f6245759e7b", 0x12}], 0x2, &(0x7f00000041c0)={0x78, 0x117, 0x4, "c35b439a6d9c96723f0884031d3a2d48f62f9d050497c7723d1611b3c461ae5753b12656e814c5f44661fb3bc053f0b9047b6beea17702919aebfa65bb656cfb341fdc9f1fb82253cfcded7310edf8b8e72397648d1300e5d0e7d29d1a6d5ca4ba90d573"}, 0x78}], 0x5, 0x40080)

[  444.193666] pts pts201: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  444.208053] pts pts202: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:22 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000)

08:36:22 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4010)

08:36:22 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x12, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:22 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x1, 0x0)
socketpair$inet(0x2, 0x80803, 0x2, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000480)={{0xbf, @local, 0x4e22, 0x1, 'ovf\x00', 0x20, 0x9, 0x22}, {@dev={0xac, 0x14, 0x14, 0x20}, 0x4e20, 0x4, 0x2, 0x7, 0xfffffffffffffff8}}, 0x44)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r0, 0x0)
io_setup(0x5, &(0x7f00000002c0)=<r3=>0x0)
io_getevents(r3, 0x7fff, 0x7, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000400)={0x0, 0x1c9c380})
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r4 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
r5 = add_key(&(0x7f0000000180)='cifs.idmap\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="b5df4000cbeb34f9532308030055eafb9f1cf890cd188699d6c5f97e86447a910dbc99d9c43cff06f09798a467db0621831d847e9ef3c9816a8040c9967d769fb0652fe813b03c9f9ffce802d6d0db6b993f63aaba850b58c6d921f726b31e6954a4890be5ab92a16d267e9b60360908eae2b013b5f30835225cdff6e3b648", 0x7f, 0xfffffffffffffff9)
keyctl$unlink(0x9, r4, r5)
ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
socket$inet_udplite(0x2, 0x2, 0x88)

[  444.460520] pts pts203: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:22 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x71090000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  444.507415] pts pts204: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  444.529900] audit: type=1326 audit(1534494982.784:308): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17567 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:22 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1c)

08:36:22 executing program 7:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.stat\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00')
accept$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001c80)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000001d80)=0xe8)
accept4(0xffffffffffffff9c, &(0x7f0000001dc0)=@can={0x1d, <r5=>0x0}, &(0x7f0000001e40)=0x80, 0x800)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001e80)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001ec0)=0x14)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000001f00)={@loopback, @dev, <r7=>0x0}, &(0x7f0000001f40)=0xc)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000002180)={&(0x7f00000000c0), 0xc, &(0x7f0000002140)={&(0x7f0000001f80)={0x190, r1, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8, 0x1, r2}, {0x128, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xe70}}}]}}, {{0x8, 0x1, r6}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r7}}}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x4000881}, 0x4004005)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
signalfd(r8, &(0x7f0000000000)={0x2}, 0x8)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)

08:36:22 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffffffce)

08:36:22 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
close(r1)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x1c000, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000100))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:22 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  444.748514] audit: type=1326 audit(1534494983.003:309): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17625 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:23 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x6f010000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:23 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x62070000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:23 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_pts(r0, 0x80000)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000300)={0x0, 0x9, 0x0, 0x2, 0x80000001, 0x100000001, 0x1, 0x100, <r3=>0x0}, &(0x7f0000000340)=0x20)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000380)={r3, 0x7ff, 0x6}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000180)={<r4=>0x0, 0x1000000000000000}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000240)={r4, 0x9}, &(0x7f0000000280)=0x8)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r5 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1f, 0x30080)
ioctl$BLKRESETZONE(r5, 0x40101283, &(0x7f0000000100)={0x6, 0x1000})
ioctl$PIO_CMAP(r5, 0x4b71, &(0x7f00000002c0)={0x4, 0x8, 0x9, 0x9, 0x4, 0x101})

08:36:23 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:23 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe8030000)

08:36:23 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1600000000000000)

08:36:23 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a040000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  445.325187] pts pts205: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:23 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:23 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd2, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  445.528935] pts pts206: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  445.553282] pts pts207: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:23 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x10400000)

08:36:23 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1e)

[  445.566150] audit: type=1326 audit(1534494983.821:310): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17625 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:23 executing program 7:
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101140, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

08:36:23 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x440380, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000100)=0x80, 0x4)
r2 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000140)={'team0\x00', <r3=>0x0})
bind$bt_hci(r1, &(0x7f0000000180)={0x1f, r3}, 0xc)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  445.788724] audit: type=1326 audit(1534494984.043:311): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17690 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:24 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:24 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000000)={0x6, 0x634})
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r2 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x5, 0x800)
utimensat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x77359400}}, 0x100)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:24 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x14000000)

08:36:24 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1200)

[  446.098263] pts pts208: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:24 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x5d09, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:24 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x280, 0x189)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r2, 0xc0bc5310, &(0x7f0000000100))
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:24 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4600000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:24 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000)

08:36:24 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x7fca4b774700)

08:36:24 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd02, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:24 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  446.467574] pts pts209: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  446.496278] pts pts210: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:24 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x800, 0x0)
r1 = syz_open_pts(r0, 0x4000)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  446.576174] audit: type=1326 audit(1534494984.831:312): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17690 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:24 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x2, 0x3, 0x25415f9f}, {0x5, 0x10000, 0x0, 0x6}]})
socket$key(0xf, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)

08:36:24 executing program 6:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0), 0x800)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xff6c, 0x0, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x3)

08:36:25 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000)

08:36:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x4002, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x4080, 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000200)={0x60, 0x0, 0x7, [{0x2, 0x8001, 0xa, 0x80, '/dev/ptmx\x00'}, {0x4, 0x4, 0x9, 0x4, 'cpusetem1'}]}, 0x60)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  446.802262] audit: type=1326 audit(1534494985.057:313): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17758 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000, 0x40000000000d7a})
r1 = syz_open_pts(r0, 0xfffffffffffffffc)
r2 = creat(&(0x7f0000000080)='./file0\x00', 0xe2)
read$eventfd(r2, &(0x7f0000000500), 0x8)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000540))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
r3 = shmget$private(0x0, 0x600000, 0x620, &(0x7f0000a00000/0x600000)=nil)
r4 = syz_open_dev$dmmidi(&(0x7f0000000480)='/dev/dmmidi#\x00', 0xbb28, 0x1)
write$P9_RXATTRCREATE(r4, &(0x7f00000004c0)={0x7, 0x21, 0x2}, 0x7)
shmctl$SHM_INFO(r3, 0xe, &(0x7f0000000100)=""/175)
ioctl$KDDISABIO(r1, 0x4b37)
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x13b600, 0x0)
ioctl$TUNGETIFF(r4, 0x800454d2, &(0x7f0000001b00))
r6 = dup3(r5, r5, 0x80000)
sendmsg$nl_netfilter(r6, &(0x7f0000001ac0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x210000}, 0xc, &(0x7f0000001a80)={&(0x7f00000005c0)={0x14b0, 0xb, 0x3, 0x300, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x5}, [@nested={0x1018, 0x85, [@typed={0xc, 0x2e, @u64=0xfffffffffffffffd}, @typed={0x8, 0x8c, @u32=0x10000}, @generic="9bfe2b8f2982da0474d30a79c2049d93618a20cd8fceeca8cde880ad9d27d92622ed1d76b77c7ed7d79c86edeb4d0007252f8784244a7bd635151e71b665e61a316803dd0ff2b853f9b89eb661884d5c8bd1d39136e070186b6b79dfe6b0f9b4cd86c6df2d1d00e3b3227cb2905d1e3e7a5ef9c43125638d80dcfb53d28070399dd69a5c5897bb23d5cccc27b59f1136c53400a30c61f0017244d4c7e98968a090ba120a3f1d0dab7f675457dfd1051e6e2b09207221bb0bfcbf7881a861db062541ad64733af10082518dcbc8bd85f8bc418b08677ea30d955d13382c964f4682c2dede5df0be3b719969ce2d0dcf59080ed503bae618dd48109140745f1f60347534a0e3bd50109be11dd449c91e2058354ef371c1061cf03018b3eb3b4dfca005362afdd533f8d3b3d745407581c3814e8b2b61fbef021ba204000aa17e91b605c98de7ff02d55c544ec6da2f2b187bb881d8b72753cf55ec978ee9342f09c5e416a629598464feadc334bd1e14c3fd47726bc4472859efde7504abddd64484477d9b95f212b82deba0a73fd7bd30653d8a57a601e7da46c73266b08e6a7b97d16abc5855eaef6497bfe7f576bb65477e01e810e8d5d4f819e648f6e22e41352afe773aeb3590f302c2b9f8d455cbf19dbb68dec66a934f373b3a87c0b2ddd631c43d08b8c9cc311adf8b1036d6f175cf6f18dc5a66f783dcb7b182b444bae3ea2ac17462127274c2a6fb3a612801bd19d90c1c0ef428ce4b7cd0d89cddfcb9570ea0700b225f6acac8de516c4fce524e7bbb270411938cbadd5c09bfdb49218c613481f751d536216a966a170cbd13371d15dc1335487c471282032571c716a747aa5b922bc8a25f655a9286c79094e6b1a6751501514c7f5b615c964437b01abe29e8421f00f675cc6151abe4fc740ccba2e510c948cd4c5d570d26f1ef98691b99495e54e193e47d93effeeaf54c6a62a09cc86d555add77a597ef2b88eb0e5d2f0611cc89f674cb76a61420a99f2fee309d9d78b66cef559439680df3a28cf913ff9ae93f601b5ff1d998f67711d6d4d19ef9b93b1106e2c91478d667ab88d9af36e905e55ed733968288d3b3e5ed0b9de22f6e0f32ed434e5c16674d426a7e4c460d0e76795b16458d5e959a3e455f751e1419b7bd7d03f475a1b2d191312cd9abe640822cf5890a69d819e457f7901c1b99d49ae6c861def58978413247d701d22c23d0299a1b5b4b2245c9fc659bb86c62af1cf8bb135095df836896cb11ae7ba80ed50524c49bd7dd5ac6853c461f25d7453aa3fb76d602d03d9b013d99b3a1e8e6259d1c133886383e6da71a42d3c19d2daace2a7266c71e08b0d963118cfa202d6c021e1234c3acb229cf5d7922772f6bbb686b7876547d59a5f01dca8422af55a6a10d97956bf79973312ce49f15e774300693820f8044138d497c932d2688e91dd3d0edd73fcfde1ee5ac71ea970cbefdff44202978b1ca09dde465458818bf6111f4a63b23b2e259ebfed35d13b0a15eaeb5959e05403b6bcb0282682de7e14bd29c09132a4b9228a00049083311ddc35ee3a60bbfad93fdce81b9047f2e0c495c8cc39c401e8b355b0c54f40fc755f11ca56af4f8291eff210a050cc48ec119e6c09a64bde4add5b6128638b38c3c9a90e380ce5bb2267c52e771c71776ac7b5b0d91e0ed0f8d50d21f5275c6d730626caf9f165df8ff5515eec59d66ed65d009338404ed8faf9c968b0986a2fb727aec5d806ecb08e363438d876165962f613134ccca223879cdb1bcbfb095ebf823f2ff64a4bc5de632dc4cc62efe6ac907148427710d6a395ff8ac1d2ff694de44fb4b7585c66b58c92c43db78fb6395b472cabbc63e995a6938cc1402e300cf2c516789e0a430a684e6e512d3f7fdf0017a0da76f36fbb84d42a0d42061e623f251b4651e8c01b23db17ab07ff239f73b9b917a2994926079ead91e9c34ed3d3e369fdb20b2a86ccea0d9599a021e3dcf4d33eaf7528dc35c44817f2320dd457f97eab50f0570b63f06e2ec311ef30f689019eee9a774977e74e3048c60eb119243bdec876a6650bf98aa2025a2eaa85afd880aea38a3c2fcbab0a631ff150a5d8b1c8419e470f84568a839852fb0d0779eb1f9574c26ce699f8aadac39aad0d25ca70bcf9a5fd47b0a4b7060987b1195400537ebdcfacb8d4c1e2087cb2c14973287eaef8f151b13c3093917502300e1620e7f393179942727a66552a7661efe20eb401043973f4b86035037b239a6713ae8fcf5d73da3d7b1ca8527ba6c2df795fc1c27b3498901c9d5cdfaa94a04f6c23f8ca5ed6a1f98ea2364478bb037f680bcbbf3da5e9c3e5d4f1fa6b5f34f4f33dcdbffd3950257cc73376c4ba47ceb84e2d1f0388ef98f5fc6e9ad0b0228181ba0fde05b9899574050eb1f43fcb76d4c3725ad973a7165002de783ba6c346d1f075a2ca5f59babccec9f2fecf7dcc400677c021457a2e307c0bc6ac0c12ff11e268142fe9246ae57eee1ec126b4b605b1e7f540a73a321501051c523e6262cdfee88f9de28afa69b5dc13738c9dd7e44df1c95e3dc50e07b12bc867530fc1ecbb68bd87f3eb2b19ecc90db13c39ded3fe37c4b4114dcd8b5ae07cae9d6c84f33ecb56248bd65f00846b4e523aa5c99709e8cb852bd6f802377f883928473427bbc6e2a92eda981aee705c48f878e004138c4531146334bdbc69c5fab2165a9c03c82f98c35c8d50a725202a78420a0b6bcbc7f2f7919e93cde462e693ca5f6f92b5107ebf0db3b2f34e74a932ef479cd81be89e10ed64bd1f0d0de593a3752ffc760b940f8b35b3f1ec91b71f7ab6b0dfb280dd511c33c852587a14d2ac629f7eb5fcf90d8b4e76487e3dd480640c7dbd33587b2b5d14c91431f00e021d4db7a490826c8a1f11704559cb2b034786aeacc75f35f2fe74750bb836321e024da074fca5539a5d90b912244bc9b7f8e883b4fd06f4877841a5ad852bf8be43a3c9e383ac971107e7b62635b4174baa925f73ebb50c21c396f3b78a74d6035409d9ea88969b31e4bbc9f44ffc4afa71ba5c966abfe40ad006c8ae7fe56e79069f10ec171f6cca66d5bf1401943c6c91f8594014cc691cc804fd85baa043b4ef55a89b3b294bcd350cbb3c106019a97333bf31652055174f2a511fd2f91959825b7b85927acf400a6c06e36385c8f9031b80ebaba3b18dc3611ab5fc57e0fc047de47e8fafba2d7698fafbc92d345ca164a0cc9db975d896714ad4d34efdf701e5c67d8b3911f4c0c119d7c6362fc988f21129ff79f613a07f144ecd8561fe5a2987145f91be8fbdab433f0eb6f5afda424428452deaddb88e0cb4d8d047ecb70acaebd91cf018e25db083bc5642bd745965a1d8c443c1531cf8bb4287e279ae7891380379a7871c3d4cdfdafdf173eb3857cba3d6d4504fec6ce5cca74f4acc6e65c543e2a3cf35f9e391ac21119857da8d48a0cb30ba87e2309f90b021a8e1952724a649584f6bc88958d40ceaf98e766f9156c04522c547442ac4598850ed9aff76141e4f2fbf5a08d16c1be19249866f07dac38f2284b82870a96e37ef43af2f491b44770e0b24184fe616c032f61fe9b04682a74bcc0a56ef6eafb0febc10f765ed1c78739c497489598c81dd4eaebde2662959ff697de016d5abc9d34ea8ee973593797149646100e07494eca50b0949952ce2cac375fd9bb91399921279c10a153e2b761c2ed67af2ad50abf924b80e4444484d3dbb61f283ba58600b2bfdf624455e52e2c36242866d9b3a004d255897397c960b914905060d0bf3b19bbd5461077121f0f90e9121966f3823501362dc486a1c00db9768cda4ef654c11be00e537ec38924e087643a7fbdc4b411912d9a26b1bd66f8003cdaa103f035850e837f20239de8f3b84170f540a1b4a215a25f8192f26780888b6da94e8215a627617379de60833dc3a04e5cad9d7acff340584513f12f8a9c2e039dbaf88aeab14d9924fec587746774f885934326b425c963233c7aded69577262e60428ba34505d3569546b6051439caea4dceecf949a3ae7114cd2642a5d68d170996a998998f95f4a6953ce71b6b8ed703b06c3366eb38b06b1e76703b9b9e0a46291cfa243475649091e47833838b373d1522c55fd601a590ed207122fc7f85bf553876174ea45c92a314ed047bbfbbce64605c3f2725bd529bffdadd76169731642fe4bec8fcc615c79c16f43bf005253bea1c396d539093f558b095afe3611aa44dc791c9c81398759233f5b01cf1dfb776b2404cf0c5242263b65082b565a1068711f753cd9c74f191a19a4a9d862fcb2aea3134147f215d848c37cea369ebc6f0ec1a58d5dc3bd079c418dcfcb335a25e83001e52eb515339c921ac0d7e936cf21e1667ae551e311a6bed56353f52f8a97b21f23ec67ee1c83d10aa1c48de88c1e18bfdeb1f51c60faa40074290476b94459d01ba09b0673baadd06679dc3c4bfe29137b3c0e930b6be06d363bcde3115fa2087c9155a2770e6e68e40296c28a40b39b80e99ba263330802a46ce500f06cd10691cd108ca03eea896b559dcf60170fd920adc1f1588668a084b2057c4afafc8030c8199f07ebc3f30e17706d8fac97e7dc339bec02c7cd8fb8996021f76a25005609173518922835680db2df9724bf951c302e434b24dc869e9a9e8d708bd3ebbda6f5d82aa082d759993daf0e70af985b3d808463e0bf1724d602d9fd88219b57f879aa1c97a01f27e00a36a276d067f3e75883947f10b92a14d1f470f08c076e8404886b2a2f75a0084c1679ed1dd956b1d26011e8bde5f07cae65958b522e442fe108051abd943a4fd89d15546933626b8ce37dca31fd58bfae1ea79e5acf45aef3ac8064b362c02c4ff69d45afff3dd5e5b112d8520b1788df85822edafe8292267e068d9060d415064faa89f5ca55ec36745b11f59366db8094829675c364276fb9586c3022812924a73bed4e43e689d137e69b13fcb681f8c289e59a080235326de314e79588148ec3a958ef0f561f335883e8d9e43124f408d55b1731e0e169ee30f8fc3df011a0d17bbc6853b82f036fa999f441e7abfcec40c20784c1547ce61f6d3bbd4d368057b67694be2c817fc2dd5be2b1de45eb71a1d68b9f7446397ecf09774c1f74353a758065c8e135d31da274ced95e02f50eb51cf06f2148d7aab8e565981c8f390d745720df7c17ecf8a456988d6f7d99fe8555665e521770b0801fd502c531f67d3088f4c5a4a78205534f3a26c6c54bca8e5f64d3dba5b40234f3e303df95716b93aadeb9a077be9768aa8e1499e88bbf93f45a016af0e2aa2f08e26c1d4317dc92bba9f0ff62ca6b1538c9766e5f0c35f6dde5bae53c3c5846450407ff4d4483134d812ae19dd795a0fb278bf26d258f207a6f70dc66abe3976e723539dee4541fe53437dfb2d2c264a99980f0059debdc784ca92bd1ce1b4b6d9cf25958198c98e8b9e3b86d408fadecfce446ad6877c1db76eac733c6985505815abf911572a6516ba7dfa28984939b9015d6ae01a5b6497c236fd70dfdce255c18728bb2037f64b54b9ca1dd3b8b77fc8a7e2f69268595f288d7f5b209805465c06d69a44c7555cd5a45ba9b153fa0d90f279736776dbc906359b93ffd2f82c4ea2f02dbc5b79c28bb85ae15d5eae2e9d3707dfb06e6e5c922d9918fc3b2264ec8547285a113fd27bc7cf7e4606460f64b1bcb51bf6afd8aff9fe31f5adfc8ab99a2ae45a98b96dd2390caed4f2098401b90dec2d6a1ee3c03cd181bee23416", @generic]}, @nested={0x314, 0x6f, [@typed={0xb0, 0x76, @binary="5a8986f3f7c3b3ea4cc2aaa14acc9d91abc3332fd19b4a66f6a4374522aa36232e0cc28eacb33a485727508d56101d0a0eacd0a0a9c4a813ef9b27fb399faddbd935c893980ca7d9fc98027878f7d622ead24527336a797b26743c46f77f2d586f976a01987eca8b72539c0fe871f9d2a541f0a47c88f557306340648eb461300e531a07f395a1ea6ece8835cd1abf7c37571992cc6d271fe5c12fd240190e2b7fb59f46d58cebb408"}, @typed={0xc, 0x74, @u64=0x6}, @typed={0x8, 0x48, @u32=0x1}, @generic="db864804963bb8d123892486fb32fa721f8629a19ff625eee68c408e06ab8c944cd2243139c1fb1024a66718097dc8b7bbf7498b15605e42cb840c46327a", @generic="d09ffe7f91f2c38970632a486a80b39aa8174082b2a79b64a9397bed5916f6f555009ba675990b8d53de0e35dd26a00807c2ecc1174d22e54918c3021b733a5ee23a8f37433916417b9d001f5630f6bfbf5641720c995b5735be5aed7d8f6108e821524b4c09bedec00db9f6aa1d3e09935c995ab7be7297648fb14152b52d0e02d94e6cdc5c52bcb81a78ea8b4d439f3dcf5aebcc386850297f563f6e558a72a84f7ce16ce9eaf377105980397fbc1a8d436b7caf925dbd000f550909d3aecd00a98701b1117ea3af650b3d491346ef2e80559488b42b389a65ed8c31cd8d72f27e55ef42e653aa42060219bf066df2ab8152ce71c8dac19215c3", @generic="e0b3f619ad779aa8879cdcc4dec2fa4a78ab0216ae63", @typed={0x4c, 0x18, @binary="a5a1f91cdc8cf6fd63a74e2666c5cbe75e849d5f838539f771c1cf71aea75eea3bd9ac7c27d9efe6db7d0f58eca0eace3b0baec84fe04eb024f88aa64a27b973aaa2031dade328"}, @generic="1d20ad60fc524f17f682922c6815e33cc5b939caf143dcb4c0ab441582b56f9d5e11f25ef1b615c8ea94d895f26994f3adb31fe64f4717cbf3ee45b05f264b6a29849588f5ec2476f11eb3e16a21cf7ff0ea3a183be419b6bf19bf7aceb7d3b596faae5037c258d9ea42", @generic="05e0745f585007dc9118ef231cbe8245f8169d45a6c39afa991264161e14266db86d86b8b906dbfade608902359c6091b77491", @typed={0x14, 0x6a, @str='/dev/dmmidi#\x00'}]}, @nested={0xf0, 0x6, [@typed={0x8, 0x35, @u32=0x5}, @typed={0x8, 0x3d, @u32=0x7}, @generic="bbb397ef1998469870a72ca0107b3f97296a9ea775503a0bbff25dfb2c0ef70abce77089ccba9da08bd950b1da6c630a5ae4d0d0b32d55abb8128d6270b4c43417a2b6fceef58d908e1f7f46241919eb5942d1b42f9ecc0ece295e9b7871b8d14c51412c464d0b23aa19108f6ab44adea9dfa5a58889d88c4a9de61e8139e7b9e59d71163e6fc3fbdc92a177dac62a0e2944ab977d736d7d8b57df5d6914074b28bd521010c5b64695d3584e7eca00ad9bf044abeb04bb5c850fabc44e560c9a3036434a16f4d10008089e7d11edbf377620683d4add3995925a61"]}, @generic="9bebacb1802d7b9e76f9d99d3ffd5881b2aba628537f489b359e463a0c96f0944c3c61277cb627d7877d72b6061f39a42a5848ae5f1942e8090f73323a4163bab35577dd61b855edeae2925ccf22daee08428367e9863830eceb496a5a70edb4afccbb022c7671ac4a3237af0ff009bedb2bf9e28a14818b551115c717f1"]}, 0x14b0}, 0x1, 0x0, 0x0, 0x50}, 0x20000811)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000300)={<r7=>0x0, 0x48, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x1000, @loopback, 0x7a8}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x21}}, @in6={0xa, 0x4e24, 0xfffffffffffffff7, @mcast1, 0x100000001}]}, &(0x7f0000000340)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000380)={r7, @in={{0x2, 0x4e24, @multicast2}}, 0x1, 0x7ff, 0x8, 0x2, 0x82}, &(0x7f0000000440)=0x98)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r5, 0x40505331, &(0x7f0000000200)={{0x3, 0x4}, {0x7, 0x9}, 0x5, 0x1, 0x5})

08:36:25 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xd000000)

08:36:25 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xee0f0000000000)

08:36:25 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xde12, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 6:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1a040000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x2000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000005700)='/dev/hwrng\x00', 0x4000, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000005740)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000005840)=0xe8)
setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000005880)={r2, @multicast1, @loopback}, 0xffffffffffffffaf)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x3, 0x3, 0x100000001, 0x2, 0x8f4}})
r3 = syz_open_pts(r0, 0x40)
ioctl$TIOCGSOFTCAR(r3, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:25 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf00)

[  447.519107] pts pts211: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  447.534267] pts pts212: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  447.589433] audit: type=1326 audit(1534494985.844:314): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17758 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:25 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1100, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe0fe00000000)

08:36:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000000)={0xff, 0x3, 0x3})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:25 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x69, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:25 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x3e6, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0xeb, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x2, 0x800, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x7, 0x3ff, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x2, 0x0, 0x0, 0x800000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2080, 0x0)
setsockopt$inet_dccp_int(r0, 0x21, 0xb, &(0x7f00000001c0)=0xffff, 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080), 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000140)="7de72859674eeab2561251fd2bf76de25be8684c78b639c63f6fcc0e9dd066e7fd4f1e61dc4b08264ab16bca01", &(0x7f0000000280)=""/150}, 0x18)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x9, &(0x7f0000000080)=[{0x10001, 0x8, 0x9, 0x100}, {0x10001, 0x40, 0x5, 0x7fff}, {0x7, 0x8b, 0x6, 0x9}, {0x80000001, 0x3e000000000000, 0xfff, 0x53}, {0x1, 0x7, 0x10001, 0x7}, {0x1, 0x3, 0x9, 0x837f77c}, {0x36, 0xfffffffffffffffa, 0x81, 0x20}, {0x4, 0x8, 0xffffffffffffffce, 0x1}, {0x956, 0xfffffffeffffffff, 0x8, 0xffffffffffff60d2}]}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

08:36:26 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x14)

[  447.796513] pts pts213: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  447.820532] pts pts214: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  447.848620] audit: type=1326 audit(1534494986.102:315): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17826 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:26 executing program 3:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x100, 0x0)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, &(0x7f0000000100)=0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCGSOFTCAR(r2, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r1, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r1, 0x5441, &(0x7f00000000c0))

08:36:26 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffff000000000000)

08:36:26 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x18)

[  448.076006] pts pts215: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  448.091080] pts pts216: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x100, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x100c2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x40001, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfe08, 0x7, 0x15, 0x1, "b39a724ceb46bab5e31e04a7ed17a7a28b0928fe3890c1e44f6b3e9ff303b7301632bf3f943c61d68402ef1683ea03352811003efc4982f562878150efbf7c48", "068df4859dbdad7660f25b21ea716575f4f62ea5712ac93d04cb51817940cf6b", [0x7, 0x2]})

[  448.323548] pts pts217: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:26 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x1500, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  448.371599] pts pts218: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:26 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x6)

08:36:26 executing program 6:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xffff000000000000)

08:36:26 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xd00000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:26 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf)

08:36:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x400000000000, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffc00, 0x0, 0x1, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0xffffffffffffff81, 0x2})
syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

[  448.618738] audit: type=1326 audit(1534494986.872:316): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17826 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:27 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x4800000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x6})
r1 = syz_open_pts(r0, 0x2)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:27 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x100)

08:36:27 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x18)

08:36:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x100, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x100c2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x40001, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfe08, 0x7, 0x15, 0x1, "b39a724ceb46bab5e31e04a7ed17a7a28b0928fe3890c1e44f6b3e9ff303b7301632bf3f943c61d68402ef1683ea03352811003efc4982f562878150efbf7c48", "068df4859dbdad7660f25b21ea716575f4f62ea5712ac93d04cb51817940cf6b", [0x7, 0x2]})

08:36:27 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1700000000000000)

[  448.915396] pts pts219: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  448.929609] audit: type=1326 audit(1534494987.184:317): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17894 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  448.946866] pts pts220: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x1, 0x0, 0x0, 0x100, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))

08:36:27 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x7, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

[  449.085534] pts pts221: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x100, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x100c2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x40001, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfe08, 0x7, 0x15, 0x1, "b39a724ceb46bab5e31e04a7ed17a7a28b0928fe3890c1e44f6b3e9ff303b7301632bf3f943c61d68402ef1683ea03352811003efc4982f562878150efbf7c48", "068df4859dbdad7660f25b21ea716575f4f62ea5712ac93d04cb51817940cf6b", [0x7, 0x2]})

08:36:27 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x6018230000000000)

[  449.167243] pts pts222: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  449.217735] pts pts223: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:27 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1a000000)

08:36:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='proc}\x00'}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000240)={0x9, 0x7, 0x3, 0xffffffffffff0000, 0x101, 0x4})
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000340)={0x8, 0x4})
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
connect$nfc_llcp(r2, &(0x7f0000000140)={0x27, 0x0, 0x0, 0x7, 0x5, 0x4, "d5e9111306fc98a6b8a148bd2d30b47c81d02f24d098b96f41cf7723287010435ee21f5b8c459230e96e464d60c539e2de2b1f7a6f14109db5e726d1fe4d59", 0x23}, 0x60)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
getsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
name_to_handle_at(r2, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x50, 0xffff, "3b5bd5575e256592298fd1861db0b406db4adfc94ef17616267a1af278632876d3a010e5ef6959a154456d7376a715c58a99b49ae6be56057685e96ed8863304da29fbe21d81100b"}, &(0x7f0000000440), 0x1400)

[  449.399522] pts pts224: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x100, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x100c2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x40001, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfe08, 0x7, 0x15, 0x1, "b39a724ceb46bab5e31e04a7ed17a7a28b0928fe3890c1e44f6b3e9ff303b7301632bf3f943c61d68402ef1683ea03352811003efc4982f562878150efbf7c48", "068df4859dbdad7660f25b21ea716575f4f62ea5712ac93d04cb51817940cf6b", [0x7, 0x2]})

[  449.484672] pts pts225: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  449.511062] pts pts227: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  449.648932] pts pts226: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
08:36:28 executing program 0:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\n')
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
socket$key(0xf, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0xc004000000000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:28 executing program 5:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1000000)

08:36:28 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe000000)

[  449.716677] audit: type=1326 audit(1534494987.971:318): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17894 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
08:36:28 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000480)={0x0, 0x7}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='nv\x00', 0x2fc)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f00000004c0)=""/4096)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000180))
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xff6c, 0x7000000, &(0x7f00000000c0)={0x7dd, 0x0, @dev}, 0x10)

08:36:28 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000005c0))
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f0000000580))
r1 = syz_open_pts(r0, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40000)
syz_mount_image$gfs2(&(0x7f0000000200)='gfs2\x00', &(0x7f0000000240)='./file0\x00', 0x100000000, 0x3, &(0x7f00000004c0)=[{&(0x7f0000000280)="28b32c5b29fbaecfcbdf5e31236dfd759aedf106ddfb3b876bd6e52a8bcb43df5888a64c34bd27c12f1282cdef3e1a96093af1480126c979a17c9626784d725e38a6065ed2f44fa7dff753c825b5fe5c586376c5142479013c3e6d1642546c3f346308cb46f5f816c665f54353f64fa402e27b17f43891dc69544ad2044b20064f4911ebb93eaadc3afcef89c7eb8a10ec80e576f0c0f86599b4df8149661be1bac83bc1ccca54fc6cb2497e4278b552dc376120c60ab946abfc739d0f805563fa649727eb82a6", 0xc7, 0x7}, {&(0x7f0000000380)="1e0239250bc2c23aebf07fa32892239b174362194c4cfec7b0a39d71f1d75968542b99095402782297534f21d77f08d8b2f75ba11c8830ff1d6b70203e70767c4f47bef55867a8ddf92bd2a06399cd73f3e4219d0bfe3465c01a9714b1691513f911903f1dc2892a60dca23144222083d764ec9457939ba54ac2ab1bf7c330deea4cd7efa098de8aef972e70d2fecc5ce04e48c2f57fded8327df2f18d324fcd5002f8f93d1187e70cb5eb590ea15018aa5575", 0xb3, 0x8}, {&(0x7f0000000440)="5542916f2f95b2ce9a117c65708b05abb70e05b0cf8f99addbf4698dd42ae363379f7b5e3f7935e34dda37bf3fc1ab3aa2da30708d727925953763e85ebd6a16da79d15369a12d421640e1a512a327dc8fdf6316f9b29f57a2046fd1bc61bd2e6205c32650e9b42b49335050433ba1937ac8906588036d8adcf8", 0x7a, 0x90000}], 0x140040, &(0x7f0000000540)={[{@upgrade='upgrade'}, {@nobarrier='nobarrier'}, {@locktable={'locktable', 0x3d, '/dev/ptmx\x00'}}, {@rgrplvb='rgrplvb'}]})
getsockopt$inet_dccp_int(r2, 0x21, 0x5, &(0x7f0000000100), &(0x7f0000000140)=0x4)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x61, 0xffffffffffffffff, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000180)={0x10001, 0x1, 0x7fff, 0x5d, 0x6, 0x20, 0x9, 0x38, 0x3, 0x7fffffff, 0x401, 0x401})

08:36:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5437, &(0x7f0000000080))
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x100, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x100c2})
ioctl$TCSETSW(r0, 0x5441, &(0x7f00000000c0))
openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x40001, 0x0)

08:36:28 executing program 7:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x1, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x4, 0x24040)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000080)=0x2, &(0x7f00000000c0)=0x2)

[  449.897334] audit: type=1326 audit(1534494988.152:319): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17966 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0
[  449.998990] pts pts228: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  450.032899] ==================================================================
[  450.040477] BUG: KASAN: user-memory-access in n_tty_set_termios+0x106/0xe80
[  450.047622] Write of size 512 at addr 0000000000001060 by task syz-executor3/17970
[  450.055337] 
[  450.056990] CPU: 0 PID: 17970 Comm: syz-executor3 Not tainted 4.18.0-next-20180817+ #42
[  450.065145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.074545] Call Trace:
[  450.077154]  dump_stack+0x1c9/0x2b4
[  450.078722] pts pts229: tty_release: tty->count(2) != (#fd's(1) + #kopen's(0))
[  450.080824]  ? dump_stack_print_info.cold.2+0x52/0x52
[  450.080850]  ? kasan_check_write+0x14/0x20
[  450.080873]  ? do_raw_spin_lock+0xc1/0x200
[  450.101898]  ? vprintk_func+0x81/0x117
[  450.105813]  ? n_tty_set_termios+0x106/0xe80
[  450.110272]  kasan_report.cold.7+0x6d/0x30d
[  450.114619]  check_memory_region+0x13e/0x1b0
[  450.119048]  memset+0x23/0x40
[  450.122173]  n_tty_set_termios+0x106/0xe80
[  450.126448]  ? n_tty_poll+0xab0/0xab0
[  450.130275]  tty_set_termios+0x7a0/0xac0
[  450.134360]  ? tty_wait_until_sent+0x5d0/0x5d0
[  450.138971]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  450.144561]  set_termios+0x41e/0x7d0
[  450.148294]  ? tty_perform_flush+0x80/0x80
[  450.152564]  tty_mode_ioctl+0x535/0xb50
[  450.156564]  ? set_termios+0x7d0/0x7d0
[  450.160490]  ? check_same_owner+0x340/0x340
[  450.164837]  n_tty_ioctl_helper+0x54/0x3b0
[  450.169093]  n_tty_ioctl+0x54/0x360
[  450.172736]  ? ldsem_down_read+0x37/0x40
[  450.176815]  ? ldsem_down_read+0x37/0x40
[  450.180902]  tty_ioctl+0x5e1/0x1870
[  450.184543]  ? commit_echoes+0x1c0/0x1c0
[  450.188623]  ? tty_vhangup+0x30/0x30
[  450.192353]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  450.197050]  ? __fget+0x4d5/0x740
[  450.200560]  ? ksys_dup3+0x690/0x690
[  450.204293]  ? __fget_light+0x2f7/0x440
[  450.208293]  ? fget_raw+0x20/0x20
[  450.211768]  ? tty_vhangup+0x30/0x30
[  450.215537]  do_vfs_ioctl+0x1de/0x1720
[  450.219446]  ? ioctl_preallocate+0x300/0x300
[  450.223876]  ? __fget_light+0x2f7/0x440
[  450.227881]  ? fget_raw+0x20/0x20
[  450.231357]  ? sockfd_lookup_light+0xc5/0x160
[  450.235878]  ? __x64_sys_futex+0x47f/0x6a0
[  450.240131]  ? do_syscall_64+0x9a/0x820
[  450.244127]  ? do_syscall_64+0x9a/0x820
[  450.248120]  ? lockdep_hardirqs_on+0x421/0x5c0
[  450.252724]  ? security_file_ioctl+0x94/0xc0
[  450.257152]  ksys_ioctl+0xa9/0xd0
[  450.260628]  __x64_sys_ioctl+0x73/0xb0
[  450.264534]  do_syscall_64+0x1b9/0x820
[  450.268443]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  450.273834]  ? syscall_return_slowpath+0x5e0/0x5e0
[  450.278782]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  450.283641]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  450.288678]  ? prepare_exit_to_usermode+0x291/0x3b0
[  450.293716]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  450.298580]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  450.303788] RIP: 0033:0x457089
[  450.307001] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  450.325920] RSP: 002b:00007f6881fbcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  450.333641] RAX: ffffffffffffffda RBX: 00007f6881fbd6d4 RCX: 0000000000457089
[  450.341448] RDX: 00000000200001c0 RSI: 0000000000005403 RDI: 0000000000000006
[  450.348729] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  450.356008] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  450.363285] R13: 00000000004d03c8 R14: 00000000004c616b R15: 0000000000000000
[  450.370589] ==================================================================
[  450.377946] Disabling lock debugging due to kernel taint
[  450.383589] Kernel panic - not syncing: panic_on_warn set ...
[  450.383589] 
[  450.390984] CPU: 0 PID: 17970 Comm: syz-executor3 Tainted: G    B             4.18.0-next-20180817+ #42
[  450.400523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.409882] Call Trace:
[  450.412487]  dump_stack+0x1c9/0x2b4
[  450.416138]  ? dump_stack_print_info.cold.2+0x52/0x52
[  450.421343]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  450.426114]  panic+0x238/0x4e7
[  450.429327]  ? add_taint.cold.5+0x16/0x16
[  450.433497]  ? trace_hardirqs_on+0xb4/0x2c0
[  450.437841]  ? trace_hardirqs_on+0xb4/0x2c0
[  450.442192]  ? n_tty_set_termios+0x106/0xe80
[  450.446634]  kasan_end_report+0x47/0x4f
[  450.450624]  kasan_report.cold.7+0x76/0x30d
[  450.454964]  check_memory_region+0x13e/0x1b0
[  450.459385]  memset+0x23/0x40
[  450.462503]  n_tty_set_termios+0x106/0xe80
[  450.466745]  ? n_tty_poll+0xab0/0xab0
[  450.470551]  tty_set_termios+0x7a0/0xac0
[  450.474617]  ? tty_wait_until_sent+0x5d0/0x5d0
[  450.479228]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  450.484772]  set_termios+0x41e/0x7d0
[  450.488514]  ? tty_perform_flush+0x80/0x80
[  450.492760]  tty_mode_ioctl+0x535/0xb50
[  450.496743]  ? set_termios+0x7d0/0x7d0
[  450.500643]  ? check_same_owner+0x340/0x340
[  450.504978]  n_tty_ioctl_helper+0x54/0x3b0
[  450.509242]  n_tty_ioctl+0x54/0x360
[  450.512875]  ? ldsem_down_read+0x37/0x40
[  450.516945]  ? ldsem_down_read+0x37/0x40
[  450.521014]  tty_ioctl+0x5e1/0x1870
[  450.524644]  ? commit_echoes+0x1c0/0x1c0
[  450.528716]  ? tty_vhangup+0x30/0x30
[  450.532436]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  450.537121]  ? __fget+0x4d5/0x740
[  450.540582]  ? ksys_dup3+0x690/0x690
[  450.544307]  ? __fget_light+0x2f7/0x440
[  450.548291]  ? fget_raw+0x20/0x20
[  450.551767]  ? tty_vhangup+0x30/0x30
[  450.555497]  do_vfs_ioctl+0x1de/0x1720
[  450.559402]  ? ioctl_preallocate+0x300/0x300
[  450.563814]  ? __fget_light+0x2f7/0x440
[  450.567793]  ? fget_raw+0x20/0x20
[  450.571255]  ? sockfd_lookup_light+0xc5/0x160
[  450.575760]  ? __x64_sys_futex+0x47f/0x6a0
[  450.579999]  ? do_syscall_64+0x9a/0x820
[  450.583979]  ? do_syscall_64+0x9a/0x820
[  450.587960]  ? lockdep_hardirqs_on+0x421/0x5c0
[  450.592551]  ? security_file_ioctl+0x94/0xc0
[  450.596969]  ksys_ioctl+0xa9/0xd0
[  450.600432]  __x64_sys_ioctl+0x73/0xb0
[  450.604331]  do_syscall_64+0x1b9/0x820
[  450.608243]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  450.613613]  ? syscall_return_slowpath+0x5e0/0x5e0
[  450.618549]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  450.623397]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[  450.628424]  ? prepare_exit_to_usermode+0x291/0x3b0
[  450.633451]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  450.638319]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  450.643531] RIP: 0033:0x457089
[  450.646726] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  450.665631] RSP: 002b:00007f6881fbcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  450.673346] RAX: ffffffffffffffda RBX: 00007f6881fbd6d4 RCX: 0000000000457089
[  450.680616] RDX: 00000000200001c0 RSI: 0000000000005403 RDI: 0000000000000006
[  450.687888] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  450.695157] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  450.702428] R13: 00000000004d03c8 R14: 00000000004c616b R15: 0000000000000000
[  450.710036] Dumping ftrace buffer:
[  450.713570]    (ftrace buffer empty)
[  450.717268] Kernel Offset: disabled
[  450.720881] Rebooting in 86400 seconds..