[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. 2020/06/29 20:35:03 fuzzer started 2020/06/29 20:35:03 dialing manager at 10.128.0.26:33155 2020/06/29 20:35:03 syscalls: 3149 2020/06/29 20:35:03 code coverage: enabled 2020/06/29 20:35:03 comparison tracing: enabled 2020/06/29 20:35:03 extra coverage: enabled 2020/06/29 20:35:03 setuid sandbox: enabled 2020/06/29 20:35:03 namespace sandbox: enabled 2020/06/29 20:35:03 Android sandbox: /sys/fs/selinux/policy does not exist 2020/06/29 20:35:03 fault injection: enabled 2020/06/29 20:35:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/06/29 20:35:03 net packet injection: enabled 2020/06/29 20:35:03 net device setup: enabled 2020/06/29 20:35:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/06/29 20:35:03 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/06/29 20:35:03 USB emulation: enabled 20:36:54 executing program 0: syzkaller login: [ 155.357906][ T6794] IPVS: ftp: loaded support on port[0] = 21 20:36:55 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) read(r0, &(0x7f0000000240)=""/80, 0x50) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000580)={0x0, 0x0, 0x0, 0xfffffffe, 0x0, "0000374b00d515f80f00"}) ioctl$TIOCL_SETSEL(r1, 0x5412, &(0x7f0000000000)={0x3}) [ 155.507610][ T6794] chnl_net:caif_netlink_parms(): no params data found [ 155.640913][ T6794] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.659481][ T6794] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.670911][ T6794] device bridge_slave_0 entered promiscuous mode [ 155.680314][ T6794] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.688871][ T6794] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.696779][ T6794] device bridge_slave_1 entered promiscuous mode [ 155.723387][ T6794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.726673][ T6924] IPVS: ftp: loaded support on port[0] = 21 [ 155.756399][ T6794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 20:36:55 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000380)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)) [ 155.812851][ T6794] team0: Port device team_slave_0 added [ 155.842856][ T6794] team0: Port device team_slave_1 added [ 155.891069][ T6794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.904364][ T6794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.967125][ T6794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.993753][ T6794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.017336][ T6794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.044655][ T6794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active 20:36:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350600000fff07086706000002000000070300000ee60060bf050000000000004f650000000000006507f9ff01000000070700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9525db67754bb12fe3b54ac69a5864e764f9914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546c087431d7700000006e7c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab70100010000000000d048cd6002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d74ec88148f0200000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cda32a673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887b52d103649afa17690884f8d2001e03a651bb96589a7eab04871bc47287cd313f00000000000000b7861bbd0000000000000000c59050647802cf86f1b4c3005f37d83f84e98a52fbbecd106425563d80bd0d0d703f37ca363f601ae899a53f6715a0a62a34b0c94cce699452050000000000000026a0f6a5480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58bc3eeed729a2f95e1d6a1fc3857ff51b324be00000000000000090867f577cdde2144d9d7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d3e2f0c6d7194c26789d2bec2d0846831455b8fcde5beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d4550e6f2d830dfcd9d47d50ea838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb30692dc88db84834cc7726429cb20603b5338184f9828aa802e37d3c4f259d616307d8ab86ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c864700000000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d0fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3ed9f8c2a6b6f46c7dad2f9e939c92d63ab1cf2fbea215b96a604444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b35b1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b4e2313c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d301fb65a3d8b5baa9bbec0176f9f096a3af96c34c510c297257b6105e3c45d7"], &(0x7f0000000100)='GPL\x00'}, 0x48) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) [ 156.131613][ T6794] device hsr_slave_0 entered promiscuous mode [ 156.168944][ T6794] device hsr_slave_1 entered promiscuous mode [ 156.233797][ T6976] IPVS: ftp: loaded support on port[0] = 21 [ 156.319469][ T6924] chnl_net:caif_netlink_parms(): no params data found [ 156.592050][ T6924] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.601306][ T6924] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.610913][ T6924] device bridge_slave_0 entered promiscuous mode 20:36:56 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000580)={0x3ff, 0x0, 0x0, 0xfffffffe, 0x0, "0000374b00d515f80f00"}) ioctl$TIOCL_SETSEL(r0, 0x5412, &(0x7f0000000000)={0x3}) [ 156.646357][ T6924] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.657363][ T6924] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.665986][ T6924] device bridge_slave_1 entered promiscuous mode [ 156.679449][ T6976] chnl_net:caif_netlink_parms(): no params data found [ 156.682758][ T7155] IPVS: ftp: loaded support on port[0] = 21 [ 156.763327][ T6924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.793125][ T6794] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 156.863201][ T6924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.894321][ T6794] netdevsim netdevsim0 netdevsim1: renamed from eth1 20:36:56 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="ebe7f68fdb66732e666134000204015b66000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r0) inotify_init() inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0) write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[], 0xe) unlink(&(0x7f0000000280)='./bus\x00') sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) creat(&(0x7f0000000780)='./bus\x00', 0x0) [ 156.954995][ T6794] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 157.049112][ T6794] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 157.099885][ T6924] team0: Port device team_slave_0 added [ 157.125025][ T6924] team0: Port device team_slave_1 added [ 157.168629][ T7266] IPVS: ftp: loaded support on port[0] = 21 [ 157.193877][ T6924] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 157.201901][ T6924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.230207][ T6924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 157.243059][ T6924] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 157.250618][ T6924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.277477][ T6924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 157.313468][ T6976] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.322235][ T6976] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.323548][ T7295] IPVS: ftp: loaded support on port[0] = 21 [ 157.332891][ T6976] device bridge_slave_0 entered promiscuous mode [ 157.345357][ T6976] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.353643][ T6976] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.362292][ T6976] device bridge_slave_1 entered promiscuous mode [ 157.396739][ T6976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 157.430338][ T6976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 157.521680][ T6924] device hsr_slave_0 entered promiscuous mode [ 157.587988][ T6924] device hsr_slave_1 entered promiscuous mode [ 157.647206][ T6924] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 157.654948][ T6924] Cannot create hsr debugfs directory [ 157.707507][ T7155] chnl_net:caif_netlink_parms(): no params data found [ 157.719013][ T6976] team0: Port device team_slave_0 added [ 157.745516][ T6976] team0: Port device team_slave_1 added [ 157.853258][ T6976] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 157.860438][ T6976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.886447][ T6976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 157.925646][ T6976] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 157.932892][ T6976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.959385][ T6976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.094898][ T6794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 158.115627][ T7155] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.122865][ T7155] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.134199][ T7155] device bridge_slave_0 entered promiscuous mode [ 158.191674][ T6976] device hsr_slave_0 entered promiscuous mode [ 158.247215][ T6976] device hsr_slave_1 entered promiscuous mode [ 158.298860][ T6976] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 158.306449][ T6976] Cannot create hsr debugfs directory [ 158.347718][ T7155] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.354827][ T7155] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.363178][ T7155] device bridge_slave_1 entered promiscuous mode [ 158.388788][ T7266] chnl_net:caif_netlink_parms(): no params data found [ 158.430342][ T7295] chnl_net:caif_netlink_parms(): no params data found [ 158.470714][ T7155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.491763][ T7155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.583928][ T7155] team0: Port device team_slave_0 added [ 158.593856][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 158.603332][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 158.626825][ T6924] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 158.672007][ T7155] team0: Port device team_slave_1 added [ 158.696728][ T6924] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 158.760874][ T6794] 8021q: adding VLAN 0 to HW filter on device team0 [ 158.783925][ T7266] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.791465][ T7266] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.802038][ T7266] device bridge_slave_0 entered promiscuous mode [ 158.810071][ T6924] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 158.854006][ T6924] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 158.931877][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 158.947658][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 158.956002][ T2585] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.963202][ T2585] bridge0: port 1(bridge_slave_0) entered forwarding state [ 158.974419][ T7266] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.982587][ T7266] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.991211][ T7266] device bridge_slave_1 entered promiscuous mode [ 159.001328][ T7155] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.009648][ T7155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.036128][ T7155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 159.055832][ T7295] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.063281][ T7295] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.072243][ T7295] device bridge_slave_0 entered promiscuous mode [ 159.081283][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 159.104844][ T7155] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 159.113266][ T7155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.140174][ T7155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.155183][ T7295] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.165247][ T7295] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.174429][ T7295] device bridge_slave_1 entered promiscuous mode [ 159.191693][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 159.201086][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 159.210895][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.218025][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.264315][ T7266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.292670][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 159.318432][ T7266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.400206][ T7155] device hsr_slave_0 entered promiscuous mode [ 159.429065][ T7155] device hsr_slave_1 entered promiscuous mode [ 159.477098][ T7155] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.484653][ T7155] Cannot create hsr debugfs directory [ 159.493889][ T7295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.536850][ T7295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.556024][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 159.564770][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 159.574384][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 159.583544][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 159.603804][ T6976] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 159.673204][ T6976] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 159.735108][ T7266] team0: Port device team_slave_0 added [ 159.752349][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 159.762673][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 159.772109][ T6976] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 159.839651][ T6976] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 159.883224][ T7295] team0: Port device team_slave_0 added [ 159.893964][ T7295] team0: Port device team_slave_1 added [ 159.908806][ T7266] team0: Port device team_slave_1 added [ 159.924230][ T6794] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 159.935364][ T6794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 159.964772][ T6924] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.994157][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 160.003394][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 160.013343][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 160.023165][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 160.039366][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.046320][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.078001][ T7295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.097447][ T7266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.104395][ T7266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.134350][ T7266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.148145][ T7266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.155083][ T7266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.181960][ T7266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.202244][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 160.216615][ T6924] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.224417][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.231896][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.260124][ T7295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.295403][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 160.304562][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 160.340931][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.351886][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.361178][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.368346][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.376151][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 160.383798][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 160.393720][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 160.439347][ T7295] device hsr_slave_0 entered promiscuous mode [ 160.477307][ T7295] device hsr_slave_1 entered promiscuous mode [ 160.547041][ T7295] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 160.554732][ T7295] Cannot create hsr debugfs directory [ 160.610954][ T7266] device hsr_slave_0 entered promiscuous mode [ 160.657381][ T7266] device hsr_slave_1 entered promiscuous mode [ 160.697154][ T7266] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 160.704705][ T7266] Cannot create hsr debugfs directory [ 160.719009][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 160.727840][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.736490][ T3794] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.743604][ T3794] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.760454][ T6794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.849487][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 160.862305][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 160.875001][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 160.943660][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 160.954828][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 160.966064][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 160.974783][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 161.015430][ T6794] device veth0_vlan entered promiscuous mode [ 161.044158][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 161.054039][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 161.063707][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 161.072764][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 161.082401][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 161.091219][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 161.119695][ T7155] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 161.160775][ T7155] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 161.208913][ T7155] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 161.270973][ T7155] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 161.342503][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 161.351132][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 161.373728][ T6924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 161.388305][ T6924] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 161.417549][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 161.425885][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 161.442389][ T6794] device veth1_vlan entered promiscuous mode [ 161.477249][ T6976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.553144][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 161.563370][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 161.572097][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 161.580199][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 161.588661][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 161.597672][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 161.611940][ T6976] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.641537][ T6794] device veth0_macvtap entered promiscuous mode [ 161.650198][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 161.660893][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 161.670617][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 161.695806][ T6794] device veth1_macvtap entered promiscuous mode [ 161.717597][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 161.725358][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 161.739043][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 161.751075][ T2585] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.758221][ T2585] bridge0: port 1(bridge_slave_0) entered forwarding state [ 161.768229][ T6924] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.778492][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 161.790944][ T7266] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 161.854909][ T7266] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 161.890319][ T7266] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 161.938899][ T7266] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 161.992904][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 162.001634][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.010633][ T3788] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.017752][ T3788] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.055204][ T6794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.080592][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 162.089541][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 162.099670][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 162.108829][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 162.136800][ T7155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.154865][ T6794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.168457][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 162.178934][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 162.189590][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 162.198658][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 162.207304][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 162.215518][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 162.224074][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 162.233864][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 162.242822][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 162.251866][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 162.264153][ T6976] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 162.279020][ T6976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 162.302468][ T7295] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 162.367273][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 162.375181][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 162.384371][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 162.394001][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 162.402167][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 162.422243][ T7155] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.433700][ T7295] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 162.472454][ T7295] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 162.532159][ T7295] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 162.623705][ T2471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 162.634207][ T2471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 162.643479][ T2471] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.650606][ T2471] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.661170][ T2471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 162.670968][ T2471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.680395][ T2471] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.687537][ T2471] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.713998][ T6976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 162.759928][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 162.768288][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 162.775721][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 162.783600][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 162.792415][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 162.802058][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 162.810678][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 162.829633][ T6924] device veth0_vlan entered promiscuous mode [ 162.898246][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 162.912248][ T6924] device veth1_vlan entered promiscuous mode 20:37:02 executing program 0: add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x0}, &(0x7f00000000c0)="f6", 0x1, 0xfffffffffffffffb) 20:37:02 executing program 0: [ 163.048756][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 163.065896][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready 20:37:02 executing program 0: [ 163.103930][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 163.186119][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 163.200985][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.212110][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 163.221606][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 20:37:03 executing program 0: [ 163.245602][ T7266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.264930][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 163.274855][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 20:37:03 executing program 0: [ 163.298543][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 163.311113][ T6924] device veth0_macvtap entered promiscuous mode [ 163.332699][ T6976] device veth0_vlan entered promiscuous mode 20:37:03 executing program 0: [ 163.375933][ T7155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 163.394263][ T7155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 163.418138][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready 20:37:03 executing program 0: [ 163.445606][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 163.462325][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 163.474266][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 163.515932][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 163.544151][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 163.563235][ T6924] device veth1_macvtap entered promiscuous mode [ 163.582741][ T7266] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.598985][ T7295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.613355][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 163.621761][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 163.629911][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 163.637660][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 163.645242][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.654512][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.669928][ T6976] device veth1_vlan entered promiscuous mode [ 163.687983][ T6924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.699448][ T6924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.710903][ T6924] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 163.722469][ T6924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 163.733027][ T6924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.745163][ T6924] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 163.755078][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 163.763318][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.772183][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.780752][ T3794] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.787882][ T3794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.795367][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 163.804058][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 163.813647][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 163.822255][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 163.834216][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.854378][ T7295] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.878071][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.885854][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.895303][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 163.903912][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 163.923557][ T7155] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 164.050407][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 164.061196][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.070265][ T2585] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.077418][ T2585] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.085070][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 164.093940][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 164.102790][ T2585] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.109925][ T2585] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.117596][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.126006][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.217910][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.226057][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 164.239569][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 164.249499][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 164.259505][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.269311][ T2499] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.276415][ T2499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.288225][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.289276][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.289867][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.290574][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.291151][ T2499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.326758][ T6976] device veth0_macvtap entered promiscuous mode [ 164.337638][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.338288][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.338801][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.339345][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.340078][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.340595][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 164.341132][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.342137][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.342738][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 164.343293][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 164.349794][ T7266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.356595][ T6976] device veth1_macvtap entered promiscuous mode [ 164.388691][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.389333][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 164.389868][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 164.446643][ T7266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 164.455811][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.456653][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.458004][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 164.458597][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 164.459244][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 164.459380][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 164.463305][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready 20:37:04 executing program 1: [ 164.463818][ T8063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 164.468046][ T7155] device veth0_vlan entered promiscuous mode [ 164.691731][ T6976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 164.708670][ T6976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.722135][ T6976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 164.748442][ T6976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.766155][ T6976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 164.807051][ T3789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.815536][ T3789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.827790][ T3789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 164.836383][ T3789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 164.852047][ T7295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 164.868905][ T7295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.883377][ T7155] device veth1_vlan entered promiscuous mode [ 164.900821][ T6976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 164.919732][ T6976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.934421][ T6976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 164.945242][ T6976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.962658][ T6976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 164.977543][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 164.985601][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.994497][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.003978][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 165.014654][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 165.104670][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 165.113382][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 165.131177][ T7295] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.153115][ T7155] device veth0_macvtap entered promiscuous mode [ 165.170532][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 165.182465][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 165.195278][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 165.281197][ T7155] device veth1_macvtap entered promiscuous mode [ 165.298320][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 165.306254][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 165.325125][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 20:37:05 executing program 2: [ 165.402376][ T7266] device veth0_vlan entered promiscuous mode [ 165.437235][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 165.445424][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 165.471863][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 165.504515][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 165.559202][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 165.571902][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.585286][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 165.597341][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.607663][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 165.618460][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.630391][ T7155] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 165.648426][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 165.657481][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 165.665980][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 165.675535][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 165.686688][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 165.699828][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.710188][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 165.721020][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.731752][ T7155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 165.742552][ T7155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.756402][ T7155] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 165.776118][ T7295] device veth0_vlan entered promiscuous mode [ 165.786040][ T7266] device veth1_vlan entered promiscuous mode [ 165.794597][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 165.803617][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 165.813915][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 165.822674][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 165.831258][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 165.853892][ T7295] device veth1_vlan entered promiscuous mode [ 165.866390][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 165.874911][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 165.883268][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 165.891040][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 166.051020][ T7295] device veth0_macvtap entered promiscuous mode [ 166.071629][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 166.081593][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 166.091904][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 166.106657][ T3788] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 166.123770][ T7295] device veth1_macvtap entered promiscuous mode [ 166.157172][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 166.165697][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 166.170059][ C1] hrtimer: interrupt took 40427 ns [ 166.190135][ T7266] device veth0_macvtap entered promiscuous mode [ 166.224209][ T7266] device veth1_macvtap entered promiscuous mode [ 166.239145][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.260389][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.274930][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.292004][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.303756][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.323147][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.334518][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.351643][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.366195][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 166.399328][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 166.413981][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 166.435982][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 166.483029][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 166.494553][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.513580][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.525691][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.544121][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.555230][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.572654][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.582939][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.600380][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.615171][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 166.639832][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.659174][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.676663][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.695205][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.706114][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.725923][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.736861][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.756088][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.774332][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.785655][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.809822][ T7266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 166.826770][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 166.844175][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 166.853030][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 166.871259][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 166.933625][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.959597][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.977494][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.994120][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.006413][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 167.025179][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.047410][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 167.065193][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.076202][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 167.094266][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.117051][ T7266] batman_adv: batadv0: Interface activated: batadv_slave_1 20:37:06 executing program 3: [ 167.169821][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 167.184259][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 167.491489][ T8114] FAT-fs (loop5): bogus number of FAT sectors [ 167.499065][ T8114] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:07 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) [ 168.285200][ T8126] FAT-fs (loop5): bogus number of FAT sectors [ 168.295099][ T8126] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:08 executing program 5: syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') ioctl$BLKREPORTZONE(r0, 0xc0101282, 0x0) 20:37:08 executing program 0: 20:37:08 executing program 1: 20:37:08 executing program 2: 20:37:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x10d082) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3fbcbab16c80fab, 0x11, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) 20:37:08 executing program 4: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x8000002, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c) sendto$packet(r1, &(0x7f0000000340), 0xfffffffffffffd4d, 0x0, 0x0, 0x0) 20:37:08 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x40}}, 0x0) 20:37:08 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x100000400000003a) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f00000000c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c) write(r0, &(0x7f0000000100)="d840", 0x2) 20:37:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x41) r1 = memfd_create(&(0x7f0000000380)='iC;`\xb6p+\x10', 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendfile(r0, r1, 0x0, 0x2000005) fsync(r0) 20:37:08 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x200, 0x0, 0xd0, 0xd0, 0xd0, 0x0, 0x168, 0x168, 0x168, 0x168, 0x168, 0x3, 0x0, {[{{@ip={@multicast1, @initdev={0xac, 0x1e, 0xde, 0x0}, 0x0, 0xffffffff, 'bridge_slave_1\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @random="d7ead0b1e3fa"}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x260) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x9, 0x3, 0x200, 0xd0, 0xd0, 0xd0, 0x0, 0x0, 0x168, 0x168, 0x168, 0x168, 0x168, 0x3, 0x0, {[{{@ip={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xffffffff, 'bridge_slave_1\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @local}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x260) r2 = socket$inet_udplite(0x2, 0x2, 0x88) dup(0xffffffffffffffff) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000440)={{{@in=@multicast1, @in6}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in6=@empty}}, &(0x7f0000000540)=0xe8) socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 20:37:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x1, 0x100, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x4000, 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) 20:37:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, 0x0) 20:37:08 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000100)=""/239) r1 = socket(0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000), 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x1, 0x100, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) r2 = socket(0x2, 0x0, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) 20:37:08 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0xffffffffffffffe2, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0x2bcf) shutdown(r0, 0x1) recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100) [ 168.638455][ T8162] x_tables: duplicate underflow at hook 3 [ 168.672506][ T8162] x_tables: duplicate underflow at hook 3 20:37:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='syz_tun\x00', 0x4d) sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) setsockopt$inet_int(r2, 0x0, 0x19, &(0x7f0000000000)=0x3f, 0x4) recvmmsg(r2, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec8}}], 0x4000000000002c5, 0x2, 0x0) 20:37:08 executing program 2: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) prctl$PR_SET_PTRACER(0x59616d61, r0) write$binfmt_script(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="2321202e2f66696c653020f014d336b04b0304000000004555a763c15ceda0bb3576ed3ae7a290ab0e74467713328b5e4577124d1a2e21da765cd1ce2356a8f85646bf8893cc7149595314f0771b65d33e129933dd93f99f03cd6b3e5903e10913072c8254f745b7d46cedd461a7ddb592a67f706eb14c1d3d1a204fe2e9c50d7920f69e068d2c7faba408ce7a3b0c6c699890e19745ba9a37cfdd7ff58b659bbf65c6a2b2e441a0e0c44a3d9abeb7d90f000000000e077d0d67096da85a6d22c36fac7505a35892211b5194d55e0ad396b242ac"], 0x191) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) [ 168.721571][ T8162] x_tables: duplicate underflow at hook 3 [ 168.736115][ T8165] x_tables: duplicate underflow at hook 3 20:37:08 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc28a}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x1, 0x100, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf74", 0x49, 0x11, 0x0, 0x0) 20:37:08 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x40) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast1, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x4}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 20:37:08 executing program 2: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) prctl$PR_SET_PTRACER(0x59616d61, r0) write$binfmt_script(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="2321202e2f66696c653020f014d336b04b0304000000004555a763c15ceda0bb3576ed3ae7a290ab0e74467713328b5e4577124d1a2e21da765cd1ce2356a8f85646bf8893cc7149595314f0771b65d33e129933dd93f99f03cd6b3e5903e10913072c8254f745b7d46cedd461a7ddb592a67f706eb14c1d3d1a204fe2e9c50d7920f69e068d2c7faba408ce7a3b0c6c699890e19745ba9a37cfdd7ff58b659bbf65c6a2b2e441a0e0c44a3d9abeb7d90f000000000e077d0d67096da85a6d22c36fac7505a35892211b5194d55e0ad396b242ac"], 0x191) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) 20:37:08 executing program 5: r0 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fallocate(r0, 0x11, 0x0, 0x100007e00) 20:37:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000200)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) 20:37:08 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x10d082) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000040)='\xbb\x02\xb1\xed\x96\xdb\xb1,\x116\xe0\x89]\xad\x01\xc3r%;\x99\xbck\xe7=\xfa\xe8HB\x00\x00\xd7h\xa4\x06jt\xea\xf9l\x00\x00\x00\x00!\xf8\xac\xdc\x00\x00\x00', 0x0) pwritev(r3, &(0x7f00000001c0)=[{&(0x7f0000000200)="c5", 0x1}], 0x1, 0x40ee1) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3fbcbab16c80fab, 0x11, r0, 0x0) write(r0, &(0x7f0000000000), 0x52698b21) 20:37:09 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) utime(0x0, &(0x7f0000000140)) 20:37:09 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x20008005) 20:37:09 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_INET6={0x4}]}]}, 0x28}}, 0x0) 20:37:09 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x3e0, 0x1f8, 0x0, 0xe8, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@arp={@remote, @dev, 0x0, 0x0, 0x0, 0x0, {@mac}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_team\x00', 'veth1_to_team\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="cd1b568f89bc", @remote, @broadcast, 0x4}}}, {{@arp={@multicast1, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netpci0\x00', 'macvtap0\x00'}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "dc99fcc1a5d5f59fab3625bf137c088edfa629bca6c7c2176000ac3068b2"}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x430) 20:37:09 executing program 1: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x23}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="f69a4243474cabd59716fb7e541db003dddafbedbf6f7c82161f4277a4e04b790dbbf2d571c5503e", 0x28}], 0x1}}], 0x1, 0x4004804) 20:37:09 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) writev(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='7', 0x1}], 0x1) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) rt_sigaction(0x3e, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000400)) 20:37:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sysfs$1(0x1, 0x0) 20:37:09 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`'], 0x7e) [ 169.601078][ T8232] x_tables: duplicate underflow at hook 1 20:37:11 executing program 2: msgsnd(0x0, &(0x7f00000010c0)={0x3}, 0x4, 0x0) msgctl$IPC_RMID(0x0, 0x0) 20:37:11 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x54}, [@alu={0x4, 0x1, 0xb, 0x0, 0x0, 0x0, 0x10}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1ec}, 0x48) 20:37:11 executing program 4: getpgid(0x0) r0 = memfd_create(&(0x7f0000000480)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\xa3\\\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) write(r0, &(0x7f0000000080)="0600", 0x2) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000800)=ANY=[@ANYBLOB="2c0000000300000000000000810000002d00020000000000000007"], 0x2c) sendfile(r0, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 20:37:11 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000002c0)=""/196, 0xc4}], 0x1}}], 0x2, 0x10102, 0x0) sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x0, 0x0, 0x0) 20:37:11 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x0, 0x0, 0x0, 0xf}, &(0x7f0000000040)=0x20) 20:37:11 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x10140, 0x0, 0x0) 20:37:11 executing program 5: request_key(0x0, 0x0, 0x0, 0x0) 20:37:11 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000000680)=ANY=[@ANYBLOB="0000000000000000000060bc7d94004c2c00fe8000000000000500000000000000aaff0200000000000000000000000000012f"], 0x7e) 20:37:11 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002cc0)=[{{0x0, 0x0, 0x0}, 0x81}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/arp\x00') r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x315, 0x800000) 20:37:11 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f00000075c0)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000300)="f685a288c84ec47e44864a1ae8659eb07e2f26d6c91f25104caa92162d00eba54e68088986aa066431445c5412f138db82e75760578858a6259283c4958956ef0217ed787072bbfb32de603a48f306d3e6346b7c9328b5b8f805a4dc61538e3bc88cdc349dabf717313af026ca16b9669abd0f8323058da774c0f518d781a7a8672c", 0x82}, {&(0x7f0000000000)="40c11437fb00d6eab04b0c06251f8168813a461ace70236fa0348db1d319fe147c2390db325b8f9969aec8c50d", 0x2d}, {&(0x7f0000001600)="46a43e3f510e3eac779206060abfc1e723fc59d595e9948e6d03be0d6c89d8702d5f2332fe4e991d8ce010dd173f3035a16bc1ae729800e6c53d5b3b7deacf114c931c707559610cd1366220890b11cd862202abfbcd24a76a2f0f7044964480ebd12d0bca901ac0e4e3188cb74f2b45bc4f37e1694a1e15a039e34cf59a4c86cb1dc5210f4be91e84888a860ab5286ba2a15f0b04b178198d663c", 0x9b}, {&(0x7f0000001880)="bdcc25945d5320762605855bdd5022bce4d5ecd21753f95ce22bbec3d78b5644a4f358945013c7228ccdf35e86770ac02760d99e9206acc59036a49f4b8971cf78556f3c6ca383a03d95fc318a9aeaccfa469ba8a16aa00a2bd34222049e1c038f769d461fd8e623ef4860aee8c34c32e6b311045684f83aae6d36aeb6430fcb2939da257013f355311245f449afac154a6576a3d7f5", 0x96}, {&(0x7f0000001940)="cd96bdb578810f358b2aaaf2", 0xc}], 0x5}}], 0x1, 0x8804) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 20:37:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x258, 0x4000000, 0x158, 0x0, 0x0, 0x360, 0x240, 0x240, 0x360, 0x240, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x230, 0x258, 0x0, {}, [@common=@inet=@tcp={{0x30, 'tcp\x00'}}, @common=@inet=@hashlimit3={{0x158, 'hashlimit\x00'}, {'caif0\x00', {0x63, 0x0, 0x50, 0x1, 0x0, 0x8, 0x1, 0x400}}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00'}}, {{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@dev, [], 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490) read$char_usb(r1, &(0x7f0000000000)=""/124, 0x7c) 20:37:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f00000075c0)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000300)="f685a288c84ec47e44864a1ae8659eb07e2f26d6c91f25104caa92162d00eba54e68088986aa066431445c5412f138db82e75760578858a6259283c4958956ef0217ed787072bbfb32de603a48f306d3e6346b7c9328b5b8f805a4dc61538e3bc88cdc349dabf717313af026ca16b9669abd0f8323058da774c0f518d781a7a8672c", 0x82}, {&(0x7f0000001780)="cfd063443cdc8585517304d96a713e7fb6273277543dd8cc3f1f2506e70e28180a2d2cf93495d7ef3a25d4b8a05b98a627ae8e98ed6f0fa2c78dd9ce1b9ef81f7c9274c78b728e5032c69cf8ebe9d42dd43d2f19d09e91a71f81c3b192d96cc627241b95ec8fbb6c71f603e0d07fcb5a6e07585208dd2ac721d2fdab2c29411f66ec7cca1e1760a2d6ca8af4ec79cae5c78430ea32a266856c8260e4de581475abdd2153aa8fea34789320ee2514903088dfd546a136d40646857b851b65a7a918c58881be75d5d71239c7698d7bdb3f879f49436bbbd87586553407860397d48842400126f8703ddc55ba4e", 0xec}, {&(0x7f0000000000)="40c11437fb00d6eab04b0c06251f8168813a461ace70236fa0348db1d319fe147c2390db325b8f9969aec8c50d", 0x2d}, {&(0x7f0000001600)="46a43e3f510e3eac779206060abfc1e723fc59d595e9948e6d03be0d6c89d8702d5f2332fe4e991d8ce010dd173f3035a16bc1ae729800e6c53d5b3b7deacf114c931c707559610cd1366220890b11cd862202abfbcd24a76a2f0f7044964480ebd12d0bca901ac0e4e3188cb74f2b45bc4f37e1694a1e15a039e34cf59a4c86cb1dc5210f4be91e84888a860ab5286ba2a15f0b04b178198d663c", 0x9b}, {&(0x7f0000001880)="bdcc25945d5320762605855bdd5022bce4d5ecd21753f95ce22bbec3d78b5644a4f358945013c7228ccdf35e86770ac02760d99e9206acc59036a49f4b8971cf78556f3c6ca383a03d95fc318a9aeaccfa469ba8a16aa00a2bd34222049e1c038f769d461fd8e623ef4860aee8c34c32e6b311045684f83aae6d36aeb6430fcb2939da257013f355311245f449afac154a6576a3d7f5", 0x96}, {&(0x7f0000001940)="cd96bdb578810f358b2aaaf2ba", 0xd}], 0x6}}, {{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001e00)="8f093e579a0ad13bbfa6dfcf5f92e9137fcecd3422187adb2613d1cb2a10ac11024822cad9f16a8b47c13f163ae0a1beeec0926acde449fbfe0e5541045b2c313750354dae2754d46379a01c17bd3c8c6f824123", 0x54}], 0x1}}], 0x2, 0x8804) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 20:37:12 executing program 4: r0 = semget$private(0x0, 0x1, 0x0) semctl$GETPID(r0, 0x3, 0xb, 0x0) 20:37:12 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$bsg(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bsg\x00', 0x410001, 0x0) 20:37:12 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 20:37:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x1, 0x100, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) 20:37:12 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000040)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac', 0x3) write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[], 0xff67) sendfile(r1, r2, &(0x7f0000000000), 0xffff) fcntl$addseals(r2, 0x409, 0x8) close(r0) 20:37:12 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x148, 0x148, 0x2, [@struct={0x0, 0x7, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}]}, @var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @const, @struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x0, [{0xa}, {}]}, @union={0x0, 0x8, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}]}}, 0x0, 0x162}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:12 executing program 1: inotify_add_watch(0xffffffffffffffff, 0x0, 0x550004e0) [ 175.229565][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.237546][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.527546][ T8321] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.867712][ T8321] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 182.499885][ T8321] syz-executor.4 (8321) used greatest stack depth: 24192 bytes left 20:37:22 executing program 0: semctl$GETNCNT(0x0, 0x0, 0x3, &(0x7f00000000c0)=""/43) 20:37:22 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup3(r1, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$FITHAW(r0, 0xc0045878) 20:37:22 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x41) pwritev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000040)='V', 0x1}], 0x1, 0x81805) sendfile(r0, 0xffffffffffffffff, 0x0, 0x2000005) fsync(r0) 20:37:22 executing program 1: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0) 20:37:22 executing program 5: r0 = socket$inet(0x2, 0x3, 0x2) sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000140)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0) 20:37:22 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0x5) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="ec"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000080)=0xc) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) 20:37:22 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10) 20:37:22 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_mtu(r2, 0x0, 0xa, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='syz_tun\x00', 0x10) r3 = dup2(r2, r2) write$cgroup_type(r3, &(0x7f0000000080)='threaded\x00', 0xd10a) 20:37:22 executing program 3: 20:37:22 executing program 4: 20:37:22 executing program 2: 20:37:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$packet(0x11, 0x3, 0x300) dup2(0xffffffffffffffff, r3) 20:37:22 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:22 executing program 5: r0 = socket(0x11, 0x800000003, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, 0x0, 0x0) 20:37:22 executing program 2: 20:37:22 executing program 3: 20:37:22 executing program 2: 20:37:22 executing program 0: 20:37:22 executing program 3: 20:37:23 executing program 1: 20:37:23 executing program 5: 20:37:23 executing program 2: 20:37:23 executing program 3: 20:37:23 executing program 0: 20:37:25 executing program 4: 20:37:25 executing program 2: 20:37:25 executing program 5: 20:37:25 executing program 0: 20:37:25 executing program 1: 20:37:25 executing program 3: 20:37:25 executing program 2: 20:37:25 executing program 1: 20:37:25 executing program 3: 20:37:25 executing program 0: 20:37:25 executing program 5: 20:37:25 executing program 2: 20:37:25 executing program 4: 20:37:25 executing program 0: 20:37:25 executing program 4: 20:37:25 executing program 2: 20:37:25 executing program 3: 20:37:25 executing program 5: 20:37:25 executing program 1: 20:37:26 executing program 2: 20:37:26 executing program 0: 20:37:26 executing program 5: 20:37:26 executing program 1: 20:37:26 executing program 4: 20:37:26 executing program 3: 20:37:26 executing program 2: 20:37:26 executing program 1: 20:37:26 executing program 3: 20:37:26 executing program 4: 20:37:26 executing program 5: 20:37:26 executing program 0: 20:37:26 executing program 2: 20:37:26 executing program 5: 20:37:26 executing program 1: 20:37:26 executing program 0: 20:37:26 executing program 3: 20:37:26 executing program 4: 20:37:26 executing program 2: 20:37:26 executing program 5: 20:37:26 executing program 0: 20:37:26 executing program 4: 20:37:26 executing program 1: 20:37:26 executing program 3: 20:37:26 executing program 2: 20:37:26 executing program 1: 20:37:26 executing program 5: 20:37:26 executing program 0: 20:37:26 executing program 4: 20:37:26 executing program 3: 20:37:26 executing program 1: 20:37:26 executing program 5: 20:37:26 executing program 0: 20:37:26 executing program 2: 20:37:26 executing program 3: 20:37:26 executing program 4: 20:37:26 executing program 1: 20:37:26 executing program 2: 20:37:26 executing program 0: 20:37:26 executing program 5: 20:37:26 executing program 3: 20:37:26 executing program 4: 20:37:26 executing program 0: 20:37:26 executing program 1: 20:37:26 executing program 5: 20:37:26 executing program 2: 20:37:26 executing program 3: 20:37:27 executing program 4: 20:37:27 executing program 0: 20:37:27 executing program 1: 20:37:27 executing program 2: 20:37:27 executing program 5: 20:37:27 executing program 3: 20:37:27 executing program 4: 20:37:27 executing program 1: 20:37:27 executing program 0: 20:37:27 executing program 5: 20:37:27 executing program 2: 20:37:27 executing program 3: 20:37:27 executing program 1: 20:37:27 executing program 4: 20:37:27 executing program 5: 20:37:27 executing program 0: 20:37:27 executing program 4: 20:37:27 executing program 1: 20:37:27 executing program 2: 20:37:27 executing program 3: 20:37:27 executing program 5: 20:37:27 executing program 0: 20:37:27 executing program 1: 20:37:27 executing program 4: 20:37:27 executing program 2: 20:37:27 executing program 1: 20:37:27 executing program 3: 20:37:27 executing program 5: 20:37:27 executing program 0: 20:37:27 executing program 4: 20:37:27 executing program 1: 20:37:27 executing program 2: 20:37:27 executing program 3: 20:37:27 executing program 0: 20:37:27 executing program 5: 20:37:27 executing program 4: 20:37:27 executing program 1: 20:37:27 executing program 2: 20:37:27 executing program 3: 20:37:27 executing program 5: 20:37:27 executing program 4: 20:37:27 executing program 0: 20:37:27 executing program 1: 20:37:27 executing program 3: 20:37:27 executing program 2: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '.2f', 0x8, 0x11, 0x0, @private2, @local, {[], {0x0, 0x0, 0x8}}}}}}, 0x0) 20:37:27 executing program 5: 20:37:28 executing program 1: 20:37:28 executing program 0: 20:37:28 executing program 4: 20:37:28 executing program 5: 20:37:28 executing program 2: 20:37:28 executing program 4: 20:37:28 executing program 3: 20:37:28 executing program 1: 20:37:28 executing program 0: 20:37:28 executing program 5: 20:37:28 executing program 2: 20:37:28 executing program 4: 20:37:28 executing program 3: 20:37:28 executing program 5: 20:37:28 executing program 1: 20:37:28 executing program 0: 20:37:28 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x0, 0x0) 20:37:28 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x73}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) lsetxattr$trusted_overlay_opaque(0x0, 0x0, 0x0, 0x0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 2: 20:37:28 executing program 3: 20:37:28 executing program 0: 20:37:28 executing program 5: 20:37:28 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x80247008, 0x0) 20:37:28 executing program 1: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[], 0x1) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) [ 188.752142][ T8586] ptrace attach of "/root/syz-executor.5"[8585] was attempted by "/root/syz-executor.5"[8586] 20:37:28 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x4, [@restrict, @const, @restrict, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x64}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000140)="350b19d685ff", 0x6}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000080)='syz0\x00') 20:37:28 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x4, [@restrict, @const, @restrict, @func, @typedef, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x84}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 188.914444][ T8599] ptrace attach of "/root/syz-executor.4"[8597] was attempted by "/root/syz-executor.4"[8599] 20:37:28 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653f631d34add7e68f97e2cd1b1fe6853fa070000053c27bc33760036b9405cb4aed12f0000001500ae47a825d86800238ec1c52c4677ddbeaee3b99383fc2df644999fee76ff5d9d5743bad58e9af7a85022085286b7f1d09818edf248af164072d990264b8c47415e79d4a09250787347a3450ed138cca3c45db3132efcb117597c272aa3a56eaee2873667bacbc9cce80373ec861912bd2d91ed6848357dd87ec427df32ce", 0xa7}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 20:37:28 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setpriority(0x1, 0x0, 0x0) [ 188.945693][ T28] audit: type=1804 audit(1593463048.648:2): pid=8596 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir639664255/syzkaller.Xu1YKU/35/bus" dev="sda1" ino=15846 res=1 [ 188.967035][ T8604] ptrace attach of "/root/syz-executor.3"[8603] was attempted by "/root/syz-executor.3"[8604] 20:37:28 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet6(0xa, 0x1, 0x4) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) 20:37:28 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000001a80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:37:28 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x12c, 0x12c, 0x2, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @enum]}}, 0x0, 0x146}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x80287010, 0x0) [ 189.036434][ T28] audit: type=1804 audit(1593463048.708:3): pid=8596 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir639664255/syzkaller.Xu1YKU/35/bus" dev="sda1" ino=15846 res=1 [ 189.060754][ T8613] ptrace attach of "/root/syz-executor.5"[8611] was attempted by "/root/syz-executor.5"[8613] [ 189.075380][ T8617] ptrace attach of "/root/syz-executor.4"[8614] was attempted by "/root/syz-executor.4"[8617] 20:37:28 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x3f}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 189.115263][ T28] audit: type=1804 audit(1593463048.708:4): pid=8596 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir639664255/syzkaller.Xu1YKU/35/bus" dev="sda1" ino=15846 res=1 [ 189.154079][ T8626] ptrace attach of "/root/syz-executor.0"[8623] was attempted by "/root/syz-executor.0"[8626] 20:37:28 executing program 1: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x3, [@restrict, @const, @restrict, @typedef, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0x87}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000140)="350b19d685ff191b1495f181db8a13e5c8f028e6", 0x14}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 3: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd8, 0xd8, 0x2, [@struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}]}}, 0x0, 0xf2}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:28 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x70, 0x70, 0x3, [@restrict, @const, @restrict, @func, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0x8b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 20:37:29 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x0) 20:37:29 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x41, 0x0) open(0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000000005) socketpair$unix(0x1, 0x0, 0x0, 0x0) [ 189.298908][ T8638] ptrace attach of "/root/syz-executor.0"[8635] was attempted by "/root/syz-executor.0"[8638] [ 189.301734][ T8640] ptrace attach of "/root/syz-executor.2"[8639] was attempted by "/root/syz-executor.2"[8640] 20:37:29 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x4, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], "ae"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xd8}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 20:37:29 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x3, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x13}, @const={0x3}]}, {0x0, [0x0]}}, 0x0, 0x37}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:29 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() pause() bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x5d, 0x5d, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}, @datasec={0x0, 0x1, 0x0, 0xf, 0x1, [{}], "a7"}, @typedef, @const, @func, @restrict]}}, 0x0, 0x7a}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) [ 189.345122][ T8649] ptrace attach of "/root/syz-executor.3"[8646] was attempted by "/root/syz-executor.3"[8649] [ 189.350589][ T8650] ptrace attach of "/root/syz-executor.5"[8647] was attempted by "/root/syz-executor.5"[8650] 20:37:29 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x3, [@restrict, @const, @restrict, @var]}, {0x0, [0x0]}}, 0x0, 0x4f}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:29 executing program 0: r0 = socket(0x18, 0x0, 0x2) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @remote}}, 0x1e) 20:37:29 executing program 5: 20:37:29 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11c, 0x11c, 0x2, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @struct={0x0, 0x6, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}, @enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, 0x0, 0x136}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:29 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() pause() ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0) tkill(r0, 0x33) 20:37:29 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040)=0x27, 0x4) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:29 executing program 5: socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x458, 0x5013, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x49, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x1dc}}}}]}}]}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16, @ANYBLOB="000125bd7000ffdbdf250100000008000200040000004800018014000400fe880000000000000000000000000101060005004e22000005000200010000000500020080000000060005004e210000060005004e24000008000700", @ANYRES32=0x0, @ANYBLOB="7bfa531a315f355144836e4393b17796abd8c68893dc5f7276592ec0e5d649f677bdb23a11cdd05b333a5bcc7e4e34f4e963060963c029f5b85c9f6278a9134205582ddeb3b0e1e1feefaae15012716e75894bdee123f5b8356f8280c3e06a58e2b6454be1b8c39806a16725acc0c9b7fa480cddf6888752181cf9846dd7cc9f81def2aebff16e1ededc4a5387379374a018bcc144bbad11fcfc20a4d1eef23c373a97c74c448674e5594a08b5bdbcc12d2e76a89c0f68fa2e9141c0d5b363164e2c7aad1260d34ca9b306df6e24678f"], 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x42000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="3800000010000507000200960000000000000000521dc2061322451348bc2ed63947f55fb86ebff18b21a7f4f7e5295bc1c72de85caee226d93de1143882d6b3bf92047e734dc8a006efe90bbf0e44e414a0efca7bfe0d2088e8a44df442c803c1346f6fc776208fec77aa", @ANYRES32, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32], 0x38}}, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io(r3, &(0x7f0000000140)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="0450b003"], 0x0, 0x0, 0x0, 0x0}, 0x0) 20:37:29 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, 0x0) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) [ 189.967056][ T2585] usb 6-1: new high-speed USB device number 2 using dummy_hcd 20:37:29 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/dev_mcast\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x0) 20:37:29 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x402) 20:37:29 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000300)={0x2, 0x200000000004e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x100000530) 20:37:29 executing program 0: r0 = socket(0x18, 0x0, 0x2) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @remote}}, 0x1e) [ 190.206964][ T2585] usb 6-1: Using ep0 maxpacket: 16 20:37:30 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x402) 20:37:30 executing program 1: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x3, [@fwd, @const, @restrict, @typedef, @int]}, {0x0, [0x0]}}, 0x0, 0x5b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:30 executing program 0: unshare(0x2000400) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x7001, 0x0) [ 190.327359][ T2585] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 190.360866][ T2585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 20:37:30 executing program 1: unshare(0x2000400) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x40247007, 0x0) 20:37:30 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x402) [ 190.402332][ T2585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 190.425530][ T2585] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 20:37:30 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@restrict, @const, @restrict]}, {0x0, [0x0]}}, 0x0, 0x3f}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 190.470889][ T2585] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 190.517764][ T2585] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.559035][ T2585] usb 6-1: config 0 descriptor?? [ 191.060216][ T2585] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0001/input/input6 [ 191.082562][ T2585] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0001/input/input7 [ 191.174588][ T2585] kye 0003:0458:5013.0001: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0 [ 191.260920][ T3788] usb 6-1: USB disconnect, device number 2 [ 192.037156][ T2585] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 192.296943][ T2585] usb 6-1: Using ep0 maxpacket: 16 [ 192.447170][ T2585] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 192.457965][ T2585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.469737][ T2585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.479740][ T2585] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 192.492949][ T2585] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 192.502186][ T2585] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.513479][ T2585] usb 6-1: config 0 descriptor?? 20:37:32 executing program 5: r0 = socket(0x10, 0x803, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x2, &(0x7f0000000000), 0x20a154cc) 20:37:32 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x402) 20:37:32 executing program 1: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x4, [@restrict, @const, @restrict, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x6c}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:32 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x7003, 0x0) 20:37:32 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000001640)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x1a2, 0x402) 20:37:32 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() pause() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) socketpair$unix(0x1, 0x0, 0x0, 0x0) 20:37:32 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x41, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000000005) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 20:37:32 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:32 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x4, [@restrict, @restrict, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x60}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:32 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:32 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/dev_mcast\x00') preadv(r0, &(0x7f00000017c0), 0x1a2, 0x0) [ 192.887018][ T2585] usbhid 6-1:0.0: can't add hid device: -71 [ 192.893149][ T2585] usbhid: probe of 6-1:0.0 failed with error -71 20:37:32 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x3, [@restrict, @const, @restrict, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0x6b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:32 executing program 4: syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x10}}}}}]}}]}}, 0x0) [ 192.937489][ T2585] usb 6-1: USB disconnect, device number 3 20:37:32 executing program 2: unshare(0x2000400) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x7004, 0x0) 20:37:32 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4) 20:37:32 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x4, [@restrict, @const, @restrict, @func, @typedef]}, {0x0, [0x0, 0x0]}}, 0x0, 0x58}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:32 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@restrict]}, {0x0, [0x0, 0x0]}}, 0x0, 0x28}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:32 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 193.396956][ T3790] usb 5-1: new full-speed USB device number 2 using dummy_hcd 20:37:33 executing program 1: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000193c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x120, 0x120, 0x3, [@struct={0x0, 0x9, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}, @enum={0x0, 0x6, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}]}, @var, @fwd, @func, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{}]}]}, {0x0, [0x0]}}, 0x0, 0x13b}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xffffffffffffff3a}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 193.777405][ T3790] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 20:37:33 executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uhid\x00', 0x2, 0x0) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000180)="91", 0x1}], 0x1) 20:37:33 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc0, 0xc0, 0x2, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @enum]}}, 0x0, 0xda}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:33 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4) 20:37:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:33 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 193.957495][ T3790] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 193.966566][ T3790] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.981818][ T8880] __report_access: 15 callbacks suppressed [ 193.981829][ T8880] ptrace attach of "/root/syz-executor.2"[8877] was attempted by "/root/syz-executor.2"[8880] [ 193.995975][ T8878] FAT-fs (loop5): bogus number of FAT sectors [ 194.004341][ T8878] FAT-fs (loop5): Can't find a valid FAT filesystem [ 194.012736][ T3790] usb 5-1: Product: syz [ 194.017960][ T3790] usb 5-1: Manufacturer: syz [ 194.022651][ T3790] usb 5-1: SerialNumber: syz [ 194.054341][ T8878] FAT-fs (loop5): bogus number of FAT sectors [ 194.103985][ T8878] FAT-fs (loop5): Can't find a valid FAT filesystem [ 194.274685][ T3790] usb 5-1: USB disconnect, device number 2 [ 195.066987][ T3788] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 195.477058][ T3788] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 195.667171][ T3788] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 195.676417][ T3788] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.685594][ T3788] usb 5-1: Product: syz [ 195.690522][ T3788] usb 5-1: Manufacturer: syz [ 195.695131][ T3788] usb 5-1: SerialNumber: syz 20:37:35 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x5c, 0x5c, 0x4, [@restrict, @const, @restrict, @func, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x78}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:35 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f0000002880)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4) 20:37:35 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x20000000005) 20:37:35 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x3, 0x0, 0x0, 0xffffffc1}]}, 0x10) 20:37:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:35 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 195.958878][ T3790] usb 5-1: USB disconnect, device number 3 20:37:35 executing program 4: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270fff8", 0x17}], 0x0, 0x0) 20:37:35 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:35 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xad, 0xad, 0x3, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], "ae"}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0xcb}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 20:37:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) [ 196.072831][ T8930] FAT-fs (loop5): bogus number of FAT sectors [ 196.081675][ T8930] FAT-fs (loop5): Can't find a valid FAT filesystem [ 196.091321][ T8933] ptrace attach of "/root/syz-executor.4"[8931] was attempted by "/root/syz-executor.4"[8933] 20:37:35 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xad, 0xad, 0x4, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x4, 0x0, 0xf, 0x1, [{}, {}, {}, {}], "ae"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xcc}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 20:37:35 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x4e22, @broadcast}}) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:35 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 196.188163][ T8939] FAT-fs (loop4): bogus number of directory entries (2) [ 196.224549][ T8939] FAT-fs (loop4): Can't find a valid FAT filesystem [ 196.274306][ T8949] ptrace attach of "/root/syz-executor.2"[8945] was attempted by "/root/syz-executor.2"[8949] [ 196.302281][ T8953] FAT-fs (loop5): bogus number of FAT sectors [ 196.311575][ T8953] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:36 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x1a2, 0x804) [ 196.314171][ T8956] ptrace attach of "/root/syz-executor.0"[8950] was attempted by "/root/syz-executor.0"[8956] 20:37:36 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x1}) r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r3) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RREADLINK(r4, &(0x7f00000003c0)=ANY=[], 0xc) 20:37:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:36 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:37:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:36 executing program 2: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uhid\x00', 0x2, 0x0) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000180)="91e6de79", 0x4}], 0x1) 20:37:36 executing program 0: socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x458, 0x5013, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x49, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x1dc}}}}]}}]}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16, @ANYBLOB="000125bd7000ffdbdf250100000008000200040000004800018014000400fe880000000000000000000000000101060005004e22000005000200010000000500020080000000060005004e210000060005004e24000008000700", @ANYRES32=0x0, @ANYBLOB="7bfa531a315f355144836e4393b17796abd8c68893dc5f7276592ec0e5d649f677bdb23a11cdd05b333a5bcc7e4e34f4e963060963c029f5b85c9f6278a9134205582ddeb3b0e1e1feefaae15012716e75894bdee123f5b8356f8280c3e06a58e2b6454be1b8c39806a16725acc0c9b7fa480cddf6888752181cf9846dd7cc9f81def2aebff16e1ededc4a5387379374a018bcc144bbad11fcfc20a4"], 0x64}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="3800000010000507000200960000000000000000521dc2061322451348bc2ed63947f55fb86ebff18b21a7f4f7e5295bc1c72de85caee226d93de1143882d6b3bf92047e734dc8a006efe90bbf0e44e414a0efca7bfe0d2088e8a44df442c803c1346f6fc776208fec77aa", @ANYRES32, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32], 0x38}}, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io(r3, &(0x7f0000000140)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="0450b003"], 0x0, 0x0, 0x0, 0x0}, 0x0) [ 196.573246][ T8975] FAT-fs (loop5): bogus number of FAT sectors 20:37:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:36 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x7002, 0x0) [ 196.617615][ T8975] FAT-fs (loop5): Can't find a valid FAT filesystem [ 196.981048][ T3788] usb 1-1: new high-speed USB device number 2 using dummy_hcd 20:37:36 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r2, &(0x7f0000000040), 0x1c) listen(r2, 0x0) 20:37:36 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:36 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e37, 0x0, @ipv4={[], [], @local}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 20:37:36 executing program 3: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:36 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) socket$inet6(0xa, 0x2, 0x0) 20:37:36 executing program 3: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) [ 197.227195][ T3788] usb 1-1: Using ep0 maxpacket: 16 20:37:37 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb1, 0xb1, 0x4, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], "ae"}, @typedef, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xd0}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 20:37:37 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:37 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000193c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x128, 0x128, 0x4, [@struct={0x0, 0x9, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}, @enum={0x0, 0x7, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}, {}]}, @var, @fwd, @func, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x144}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xffffffffffffff3a}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 197.347221][ T3788] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 197.382427][ T3788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.421930][ T9030] ptrace attach of "/root/syz-executor.4"[9029] was attempted by "/root/syz-executor.4"[9030] [ 197.445372][ T3788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.446266][ T9034] ptrace attach of "/root/syz-executor.2"[9032] was attempted by "/root/syz-executor.2"[9034] [ 197.467156][ T3788] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 197.494983][ T3788] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 197.516795][ T3788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.577543][ T3788] usb 1-1: config 0 descriptor?? [ 198.052159][ T3788] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0002/input/input8 [ 198.071198][ T3788] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0002/input/input9 [ 198.175814][ T3788] kye 0003:0458:5013.0002: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0 [ 198.260290][ T3788] usb 1-1: USB disconnect, device number 2 [ 199.046982][ T3788] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 199.287018][ T3788] usb 1-1: Using ep0 maxpacket: 16 [ 199.407314][ T3788] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 199.418523][ T3788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.429973][ T3788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.440345][ T3788] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 199.453601][ T3788] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 199.463705][ T3788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.479016][ T3788] usb 1-1: config 0 descriptor?? 20:37:39 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000000000001, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x240, 0x0, 0xfffffffffffffe98) 20:37:39 executing program 3: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x4) 20:37:39 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x1}) 20:37:39 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/dev_mcast\x00') preadv(r0, &(0x7f00000017c0), 0x1a2, 0xb8) 20:37:39 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:39 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) socket$inet6(0xa, 0x2, 0x0) 20:37:39 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x4, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x3, 0x0, 0xf, 0x1, [{}, {}, {}], "ae"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xc0}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) [ 199.797061][ T3788] usbhid 1-1:0.0: can't add hid device: -71 [ 199.803486][ T3788] usbhid: probe of 1-1:0.0 failed with error -71 20:37:39 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) sendfile(r0, r0, 0x0, 0x4) 20:37:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:39 executing program 4: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r1, 0x7ff) [ 199.913121][ T3788] usb 1-1: USB disconnect, device number 3 20:37:39 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) sendfile(r0, r0, 0x0, 0x4) 20:37:39 executing program 2: r0 = socket(0x11, 0x2, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) sendmmsg$inet(r0, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000140)="0b93eaff25428b519e1d0d35e19a3ea69f03bdbc29df750ecada3d1866b427f46c52e73e89b4994bd5071cf43d8413a02f7cafb1dd15d692c47e7325", 0x3c}, {&(0x7f0000000180)="f6aa8f6e8e21ce960bc57073e42cb9b00b8f8673d6fe67aa3495ed051a25be", 0x1f}, {&(0x7f00000001c0)="700c7e553c348b7b978cd55292026685184a9f1b848d87447f63304b25321425b1", 0x21}, {&(0x7f0000001200)="10e65ff9977a9e3542b4adfca7c3d9fd4d0f956a0dbcfcf5da4fdcc8686a25c93370b1aa973d626328a4021a30942d9623b060bf97135e2812dfa51fbf1775358f2730192d16c33b5cc84ce122995095eeb4c1dff01ba527d84895f22d2297192abed1549f9a64352af6792b997d8cab42caa3a7ce5f9c9c823aa7e9f74aebb6e30a613a1c2608aa0c88919079644f72b0c35115888458ff8156f4ffe1ea878645550e29e9d6d2b23a8d8d20cb4323622dba2ceed5cb50db79637a562e5ee800cc89b4fc1cbccd8ccec558e41d8bf10d65f5110cf9a471a3029fc98b2154b8d726a98c7e0238a2b356b2ea951bd50fb53b29e6530f0938f0a83d9eb9557a5ad185371a077ff5c6b392f388eb3042f63952ad46d04fc1ebd18f954cef550b07e23d5221bf5d359cabffe28b46e6be73d291899d23f4bace670bab0ca8e4f9e075959b5ee7c36a11ec2210eedb52c250f95a2af64ddb77ae402c60745e4fc3307abaf692c36ecc35fdd9f4652c4ca865a2ab8a2a313812e3eeaed5b469eeb6def033b833ecd512d4a6cb12b9df1516484ce8c4e409d62dc78d8be97e7dc0fce9ed11836efdee8a7f1c4ef22cb5f886e46e506570cb9721b6026d1ed0f4b8ddf0671fa2fa9d0be2f0b8e86dac5ea8b6c0dae029ff44fa6c9f7fc90ad1ecce1db03498b6942f1a2f860be2a83fcc49de7d984d357467bc1a9e57da4a1e3c7d595fc44e87feee700446bc03496c1a6807586fa818fc997aa5120ad2889e1759be64c5cf5d72b64433eda5819b25d2632c0a6e8c72e70ec4785b5bd42003fb526513af061d0535afca0d6069723025f2831565031ce0dd4af4b5371f3636a093d63b61dfba238dc879adf0f4d95d1b2129c17d894f60a07f6ac1104cb6bdce97727298135c35c26f9a750b92b0efe5fe1b4c02a19477caff343ae786703179f78a4bd87419de111f99682456d7caa0161191d7a2d3635e1893b15864e4e559d78fa00e2d21b90f65fb56e0f9e64a6a7244883332c34ac9fda87e73f29056a3a9936ca4e541631c6a0316ab085a9b4b511d8f61f7eacb1cb3722e0761d6a820b7d064c3ed5b5e5d3d8eccd9e5686aea7fa0bc8d7e7b75d3bac0dfbf207e9f9a79500724f95c1418554831e0d02b6dbba34bccc9bae16a6c5bb5d6f0454a2747271c04301819f0ea46672bb10ebeb51ed1621a4ed8ec70153ee7bab59e082b86a04d549b9d1d235fd310a7482ba82267e28a108d0e268b734eb34a3c8641c9b327280bffd0aa0ebed51b16c0f3d8fca38c0a440322b07f2a7d3e0281b79f58d3dedf91e19d007b3b3511215cf8744c843b4783a6026a67b989cdda9485ca351a64468c4bcd3496d22a4e918b4dca1031023c324b995853f12248ea05b5ad5039205035bceb66af1fdbd24e4a86ac706cb9f2df5569c94a39493291a29586d75c473a0ba0e465e8baa6328e7dfa8e8ca0a79c3fb5285d27f57ef3913af8b65d23c76f08db30791981b6aa79c82dcddc4750392ae74df8a00f85f5c8faeba1183bd9547f657f4f10859be1c1b89984177025a5b451668c80ad04e5be06fb2dfa3378312669d6d7dbe11985a4befe0a23938df8bcfdb399b69e04e51b7ad1c9c07b26464fdfeb81dccfa63c59ccd8ab142ddf31969871b7b8d3363076eae1f6d44f08a0ba4b2127e62ff48a9f6cf3e8c44a57f44494fd7dddc62feb4840932f15df5b76a9636026f72f3236bdcf6ee2e5564326c4159b2ed4153dec5ede420a98a8a375d545a7cf1bc38c98547db5a5924e556d52d7516330af5315b9d4bbb82668f605ca536f47da6ad3b156e77a5f26ed6dd912ad7448c3014e588af362dfe7643047ab6cd7e16d8cf1d5d38a214320cf6750a23b9f7a43162a341e6c59847086dabdde1029b1140b129ca1d05486ec6a5968b577504b6bc3f8cae9238f42a5cf418a68a2adc4eabd3cd1bea46f661779d334bea5e54baa95a2f845c53d9ea49de4941db659c7b20ce736c6eba53e8563c7f20f09c156ee38857d2c9e17fff33b49e362afb262a1ff3b62e185a89715a5b123ef9337913c2516af403d741f6e6497ab8fe2b221ddb0d6d73373e9b596f7696b04b789eb9946e37d73431038950c7f4f2594c0aaedaa3153ac51b63fae25b3e879f7f627f998028e190c1c0e79712de64ef0d7cc9e66c07472b249073c62af79abcdbed6006437ad46dbb1b0798b34f925e0e20a1aee4fdfe4d8bd7310eaa1639244c42ad290d5dbdb8938717c40209d0d8da14f991fe8797fa418caf02a78ba1347d974eb5e3ea33e36572ce334a565099add380512f58748e3b11ce34c6b803f9000d4ba68b1cd0cb75acc89dfe9db10ee1efecd60401bc1729219e5f5d70f7c6baffad63802af30b28cbe7a5eb746578f59d1db89194736c5232e6f18e1fe35c83b320fa6e4fa68ddb2a2ca8ed6d78dc56a137255aabb6e3e4798b2fc5d54a9427c69c0e296f151043da931bc3eb84bf03966bb40823c494bef2465753e16e7964b797d23daa83d8e488a8eb7c56d339a1edc56ed23a1fb0df4e159d065727b4c6eb592ce5109b505e15ee798d959dd0bf4b606329bf57cb5be9707bdb1f80fc00eb72057daaebd27e2561bb45f76a83a13dfee5f282959912fcbc0d1ae73745ef1d2ffed34a24d3a5c3f32e62f430e828eb4debf10958bb9967e1a500db7127de2a139546b807aaac39980139316ed16716d61ac3e84582dfa7a9bf1308c16b0686215f7955e871af703a0c0b2b51fa51cc406e9d4a37f85397928d3c76dbea8dac494d453026ac607c8fdb0a249a0e28d25f04b78a39ed744c91c9dc3947c731115a8144ef080abdcec3597917a0b030a2e75a7185ddcf742c30cf8af4ec20c47279e41beafdb604ae360ae58a0c599f9ed78b885bc2de5255e2f3fdab5006b2c5b026d9d63df6f2c6345f17cf4542e6e4c6669a6857d9eba78565003dd1066f78dfce9b00f398ded54a3860cd68ccf6afb6151ab87ff7366907bce9cd96e9f610d78f0ee4236759fa83ceeb8fd634c2b9038c062a754974299a1e260da10cc598e18166c56703c6910094e4a3397f587fd8f88334f58381dd4832276265bb14144fd3688190d909f77bbbc8f3d1ab8ff0281fe701502a0e5e72e187bc5fcf8190822448d12dad7b11cadcd38d0079be0e0d78a5b9be61be2ea146831e2d9a0b6478ea119845af8a3cea90579d3839b72de75e830106313c5c2e10ca60de5bafde1667856490f69b5bd22c43f07dd1bde23b1b789f475fe8fbafb41ad8d6800cc09945db2ee9adf88efec0617687a6b7e9eb0ad290ba22608df5fa3462537d1972e2efc5bf78abb47eb3494094fce4accb3ce7f25f95a29b252c9e29cf46dd849e81f3cf9e81548fef447413cd0738c7cb8fa9b92e94f2a56f978a260344ad101bd5e8ac918ac36f629317a3b3de604825fc1b40be90c2fd370cdba4659f3a6aca7556936f1763b8e3888e3981f606f9130a42660e1ab3c5b6049692f049b0b8affefb6a1be4f5edf17cd5d5c89488bacf8c732d918cc7055cb6cbb844b4dea3c1a35430bd646a9b463fea87f1ef84b0e18f4cc2671b155733fc0d9919084ebfe87d60b46b82a5a16658393c2c5b3027f04ca3b1bd6ce48e3dd90e931fdafb8e072f704baf3ba7dc68c6b9e8b4d70f626bc550c0051c5dea9a48daf9b93db8b8026b3ff9da9b67f133d77f11d512842000dd5475938eecd7e54e4e4e2cc5b15726bf48c2f005aa50c13012282628d67c6c1a0a5f927cd3aa62e3422f63d3b9fe77e2698ff71597c8e9ceaf597b562b81d6827050f47b667ae4d7a34584ca3dd927f4971c34577fa8377f7da91d3295da10df900f03665ddcc0a0725bc07bec27c0a20926896564ae5984e01679250c69bc2bf525df65692f781fa2d386c56a219c50e34894a5435805e19b7ee1b41d5e8cca36993640e637d388575cfdad03a900c4e7ce6330251cc2efb4f16ab4884ee7f86462048581041447efe59bebecc0ba148574ef6ad806491abc9b939999099b8fd52a0a10f9d68dbf59c8065ee273db45e6e905a4969ac52a906831e2f4d6af60ee40f00bc7c42f44a1dfe030c262367852c9169a2a38aa01823ebc0e8393823237e80a4ffe95f0755aeb0eb6359705a1f53939306552a93344b8a71a8b93e982b4fa3a198615cee3f301acf87f9e64c6483fc9902fe52e3e184842697709160ff6e6b1d6e2a4c4d5994cefeab7245c14af3e8057e63d1144c43f52f933b7a77a6b27bb7c1ad445e3baf36b1645284fa4d886a092c4cbc29fb366b1e71d901db79191e967928a64e196010e2c1ed7d3d35da5a0aa09c9c061c1e952f49626a3432af5d91705eb115982b53b2b6d283dd35280570a738280fa2da88a24a6bc4d2d4226f1a66024bd14c2f150724d5aacefb0929e64ac401668475bb79b0fd3f328184df42b0bca86c2b3b97080a2dd54002559c3a5ad3e1c5880ce3b1068b2aeda2a1025fb185811b8a4a219b78c8ac2f28dd713b21c676cba6e0fc20e18916c5671fa45872affab742d0df66fc28e0f298c9f95a20ab9fd3df5d8243118706bc94bebbeb66815237c7c450df3c0adb86ed2e6fc5c37a3d4e6fdcf65c657234e666431ab64025920536438030cf7bb9a10fa523d4344f492e53d365986982baacff5dd02171da99375e54820efc04584a4d3c5e9590fd9f9d28aa343a3f63fb763e2610c0e76ca7a32cd82554f2c66c8bc79a46b4dc56f6ff17ffbda47952954230931e5b039fb9223dda47de446430d3075d6cc44fe76165893b4b56dd0ca24d378e6d3749c8fd87dc53508bb341098eae68b8e2937ceba4bc42e6df8cf8ac5c86229df54a9b175fc4e2cba17e122c7345f097b0e016162ce54384ba2b1280aa82c97e81d989a16c672645ea481f3e7533f77aeec11e01a3bec6ef0eb4671feed6a7c9b5d663a0eaf1dd618e6a34ee8ce825275d8ef1216b5bb2843819752eff046dd26faf238292fc20c759b6d6cc543af9d6200c6bb8c751c1b429ea0d14e5f0b346bc36913e895f6ea2ec924fcf1f2ffcf6d21fc4bd7bbbe27a1a7f8e6558b9b85acdbfdc4bf932f7a9e0ad85254569262c8f24b880f3e62208b98f6d3d123d4252076120b432ae4db022f7fe4ce2cb9b9d4aa7bfc8b558a8f9b9b7463faaed25f3e6ecf6357ac69a1d0d445a4ad72792980ed4e5cf19a671839aed1e763c3d0bfa2940449184cf10f49db20fd6e2848c93452d72aaba3a4c84150c43e40195b50afdb32be8635cfa4ba890d5e07cb3abafc945dbf026e122a0f6e88751c0fa133a2aab6a8b2ddf56cef93c89a7214472e22389b82828f6d48f68199522902deb85d9e3100cabb67c4dfd01c6a556dd75a9f43525ee2872f841a8e3cd9b3373df5248d00623fb973028b152caffacaee90e6767d5641de7e1b2b373990b63deeae75d5372fb843f0cc1b7245b145286297d1e48fd2bbbd528530f52e26c8b8884dd6db4b6beb7366753d735490e4db861178757ab4f070514e61aa4b2aa4b409bbc0e2441f72609dbb6f6bd10908ce74cbb83e48c945e24fad45d713fd188fe38527f7a7b89fbf2ccc676605aa93dd784", 0xf74}], 0x4}}], 0x1, 0x0) [ 199.966126][ T9123] ptrace attach of "/root/syz-executor.2"[9121] was attempted by "/root/syz-executor.2"[9123] 20:37:39 executing program 0: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x34}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ioctl$FITHAW(0xffffffffffffffff, 0xc0045878) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:39 executing program 0: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f00000002c0)='./bus\x00') open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f0000000400)={{0x0, 0x0, @reserved="a04cfdf4b5dc94d13b3000772e8b7d5107a28db6fbdacbf8198791c714abf0d8"}}) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000003c0)={0x0, 0x0, 0x3e, 0x0, 0x0, [{}]}) 20:37:39 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) sendfile(r0, r0, 0x0, 0x4) 20:37:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) [ 200.104633][ T9141] ptrace attach of "/root/syz-executor.0"[9140] was attempted by "/root/syz-executor.0"[9141] 20:37:39 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@restrict, @restrict]}, {0x0, [0x0, 0x0]}}, 0x0, 0x34}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 200.250599][ T9154] ptrace attach of "/root/syz-executor.2"[9153] was attempted by "/root/syz-executor.2"[9154] [ 200.293820][ T28] audit: type=1804 audit(1593463059.998:5): pid=9159 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir062270910/syzkaller.6pGPuG/60/bus/file0" dev="sda1" ino=15949 res=1 [ 200.303975][ T9146] overlayfs: './file0' not a directory [ 200.374044][ T28] audit: type=1804 audit(1593463060.028:6): pid=9160 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir062270910/syzkaller.6pGPuG/60/bus/bus/file0" dev="sda1" ino=15953 res=1 [ 200.421527][ T28] audit: type=1804 audit(1593463060.028:7): pid=9159 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir062270910/syzkaller.6pGPuG/60/bus/bus/file0" dev="sda1" ino=15953 res=1 20:37:40 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) socket$inet6(0xa, 0x2, 0x0) 20:37:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x14, 0x3, 0x3, 0x101}, 0x14}}, 0x0) 20:37:40 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x1000000000000001, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x240, 0x0, 0xfffffffffffffe98) 20:37:40 executing program 0: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x12c, 0x12c, 0x2, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @enum]}}, 0x0, 0x146}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:40 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(0xffffffffffffffff, r0, 0x0, 0x4) 20:37:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:40 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(0xffffffffffffffff, r0, 0x0, 0x4) 20:37:40 executing program 2: syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x2, &(0x7f0000000140)=@string={0x2}}, {0x38, &(0x7f00000001c0)=@string={0x38, 0x3, "85742c648e3d3ec98c7d672569dc39785651b31fb52b0676f6e15cb7dacfb6fe9d2197fb55233c4bbb8d2c77c2be1eae8c174400dcdc"}}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 20:37:40 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@restrict, @const]}, {0x0, [0x0]}}, 0x0, 0x33}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 200.761080][ T9183] ptrace attach of "/root/syz-executor.0"[9179] was attempted by "/root/syz-executor.0"[9183] 20:37:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:40 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setitimer(0x0, 0x0, 0x0) 20:37:40 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(0xffffffffffffffff, r0, 0x0, 0x4) [ 200.922258][ T9196] FAT-fs (loop5): bogus number of reserved sectors [ 200.938941][ T9200] ptrace attach of "/root/syz-executor.0"[9198] was attempted by "/root/syz-executor.0"[9200] [ 200.945417][ T9196] FAT-fs (loop5): Can't find a valid FAT filesystem [ 200.988051][ T9203] syz-executor.4 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 201.204776][ T3788] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 201.476941][ T3788] usb 3-1: Using ep0 maxpacket: 8 20:37:41 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) dup3(0xffffffffffffffff, r0, 0x0) 20:37:41 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) dup(0xffffffffffffffff) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:41 executing program 4: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11c, 0x11c, 0x2, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @struct={0x0, 0x6, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}, @enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, 0x0, 0x136}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:41 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, 0xffffffffffffffff, 0x0, 0x4) [ 201.607297][ T3788] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 201.616067][ T3788] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 201.628009][ T3788] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 201.688252][ T3788] usb 3-1: language id specifier not provided by device, defaulting to English 20:37:41 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x1}) r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r3) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RREADLINK(r4, &(0x7f00000003c0)=ANY=[], 0xc) 20:37:41 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, 0xffffffffffffffff, 0x0, 0x4) [ 201.733331][ T9216] FAT-fs (loop5): bogus number of reserved sectors [ 201.743741][ T9216] FAT-fs (loop5): Can't find a valid FAT filesystem [ 201.749593][ T9221] ptrace attach of "/root/syz-executor.4"[9217] was attempted by "/root/syz-executor.4"[9221] [ 201.827482][ T3788] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 201.836541][ T3788] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.895863][ T3788] usb 3-1: Product: syz [ 201.903822][ T3788] usb 3-1: Manufacturer: ç’…æ¬ã¶Žì¤¾ç¶Œâ•§ç ¹å…–ᾳ⮵瘆ëœì¿šïº¶â†ï®—â•ä¬¼è¶»çœ¬ë»‚긞ឌD [ 201.949713][ T3788] usb 3-1: SerialNumber: syz [ 202.297201][ T3788] usb 3-1: 0:2 : does not exist [ 202.326603][ T3788] usb 3-1: USB disconnect, device number 2 [ 202.976948][ T8063] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 203.216952][ T8063] usb 3-1: Using ep0 maxpacket: 8 [ 203.337043][ T8063] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 203.345738][ T8063] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 203.357837][ T8063] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 203.398229][ T8063] usb 3-1: language id specifier not provided by device, defaulting to English [ 203.527054][ T8063] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 203.536185][ T8063] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.545155][ T8063] usb 3-1: Product: syz [ 203.550517][ T8063] usb 3-1: Manufacturer: ç’…æ¬ã¶Žì¤¾ç¶Œâ•§ç ¹å…–ᾳ⮵瘆ëœì¿šïº¶â†ï®—â•ä¬¼è¶»çœ¬ë»‚긞ឌD [ 203.561928][ T8063] usb 3-1: SerialNumber: syz 20:37:43 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) write$tun(r0, 0x0, 0xfca) 20:37:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270ff", 0x16}], 0x0, 0x0) 20:37:43 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, 0xffffffffffffffff, 0x0, 0x4) 20:37:43 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000001a80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) close(0xffffffffffffffff) dup(0xffffffffffffffff) io_submit(0x0, 0x1, &(0x7f0000000180)=[0x0]) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:37:43 executing program 0: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000000000010580413500000000000010902240001000000000904000049030000000921000000012adc0109058103"], 0x0) 20:37:43 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) dup3(0xffffffffffffffff, r0, 0x0) [ 203.887093][ T8063] usb 3-1: 0:2 : does not exist [ 203.892214][ T9277] FAT-fs (loop5): bogus number of reserved sectors [ 203.912857][ T9277] FAT-fs (loop5): Can't find a valid FAT filesystem [ 203.929124][ T8063] usb 3-1: USB disconnect, device number 3 20:37:43 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x0, @broadcast}}) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:43 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x0) [ 203.939700][ T9292] ptrace attach of "/root/syz-executor.4"[9283] was attempted by "/root/syz-executor.4"[9292] 20:37:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, 0x0, 0x0, 0x0) 20:37:43 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x0) 20:37:43 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0/bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='dots,nodots,discard,dots,nodots,n']) 20:37:43 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') sendfile(r0, r0, 0x0, 0x0) [ 204.162484][ T9320] FAT-fs (loop5): bogus number of reserved sectors [ 204.174363][ T9320] FAT-fs (loop5): Can't find a valid FAT filesystem [ 204.200817][ T3789] usb 1-1: new high-speed USB device number 4 using dummy_hcd 20:37:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, 0x0, 0x0, 0x0) 20:37:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r1, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r5 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r5, r4, 0x0) [ 204.268645][ T9326] FAT-fs (loop2): Unrecognized mount option "n" or missing value 20:37:44 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x1a2, 0x0) [ 204.348294][ T9334] FAT-fs (loop2): Unrecognized mount option "n" or missing value [ 204.424002][ T9338] FAT-fs (loop5): bogus number of reserved sectors [ 204.457095][ T3789] usb 1-1: Using ep0 maxpacket: 16 [ 204.487807][ T28] audit: type=1804 audit(1593463064.198:8): pid=9339 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir969136205/syzkaller.vmdUsK/69/file0/bus" dev="loop3" ino=22 res=1 [ 204.489463][ T9338] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:44 executing program 3: r0 = socket(0x11, 0x2, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x60, 0x4) sendmmsg$inet(r0, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) [ 204.539669][ T28] audit: type=1804 audit(1593463064.248:9): pid=9339 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir969136205/syzkaller.vmdUsK/69/file0/bus" dev="loop3" ino=22 res=1 [ 204.607315][ T3789] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 204.635055][ T3789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 204.677793][ T3789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 204.719184][ T3789] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 204.757600][ T3789] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 204.774876][ T3789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.813450][ T3789] usb 1-1: config 0 descriptor?? [ 204.858275][ T3789] usbhid 1-1:0.0: can't add hid device: -22 [ 204.864293][ T3789] usbhid: probe of 1-1:0.0 failed with error -22 [ 205.067090][ T3789] usb 1-1: USB disconnect, device number 4 [ 205.836933][ T2499] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 206.076951][ T2499] usb 1-1: Using ep0 maxpacket: 16 [ 206.197247][ T2499] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 206.211237][ T2499] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.222226][ T2499] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.232169][ T2499] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 206.245987][ T2499] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 206.255671][ T2499] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.265125][ T2499] usb 1-1: config 0 descriptor?? [ 206.308465][ T2499] usbhid 1-1:0.0: can't add hid device: -22 [ 206.314537][ T2499] usbhid: probe of 1-1:0.0 failed with error -22 20:37:46 executing program 0: 20:37:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, 0x0, 0x0, 0x0) 20:37:46 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) dup3(0xffffffffffffffff, r0, 0x0) 20:37:46 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r4, r5, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x4e22, @broadcast}}) dup(0xffffffffffffffff) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:46 executing program 3: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a543) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x38, 0x0, 0xc01, 0x0, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5}, @SMC_PNETID_IBPORT={0x5}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team_slave_0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x400c800) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x8100004, 0x0) 20:37:46 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], "ae"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) [ 206.515331][ T2499] usb 1-1: USB disconnect, device number 5 20:37:46 executing program 0: 20:37:46 executing program 0: 20:37:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 206.602204][ T9388] FAT-fs (loop5): bogus number of reserved sectors [ 206.639884][ T9388] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) 20:37:46 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc5, 0xc5, 0x4, [@restrict, @func, @restrict, @func, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {0x0, 0x0, 0x7fffffff}, {}, {}, {}, {0x0, 0x2, 0xfffffffc}], "ae"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xe4}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) [ 206.828330][ T28] audit: type=1804 audit(1593463066.538:10): pid=9405 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/66/file0/bus" dev="loop2" ino=23 res=1 [ 206.856790][ T9408] FAT-fs (loop5): bogus number of reserved sectors 20:37:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 206.874623][ T28] audit: type=1804 audit(1593463066.538:11): pid=9409 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/66/file0/bus" dev="loop2" ino=23 res=1 [ 206.880344][ T9408] FAT-fs (loop5): Can't find a valid FAT filesystem [ 206.906811][ T9414] ptrace attach of "/root/syz-executor.0"[9413] was attempted by "/root/syz-executor.0"[9414] 20:37:46 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r1, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x2, 0x3, 0x278, 0x4c000000, 0x0, 0x108, 0x0, 0x8f, 0x1e0, 0x1e0, 0x1e0, 0x1e0, 0x1e0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x77, 0x0, 0x10], 0x0, 0xd8, 0x108, 0x0, {}, [@common=@unspec=@state={{0x28, 'state\x00'}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_to_bridge\x00'}, 0x0, 0x70, 0xd8, 0xe001}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x40000, 'snmp_trap\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2d8) 20:37:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 207.012624][ T9419] xt_CT: You must specify a L4 protocol and not use inversions on it [ 207.032407][ T9421] xt_CT: You must specify a L4 protocol and not use inversions on it [ 207.116408][ T9425] FAT-fs (loop5): bogus number of reserved sectors [ 207.123820][ T9425] FAT-fs (loop5): Can't find a valid FAT filesystem [ 207.158522][ T28] audit: type=1804 audit(1593463066.868:12): pid=9426 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/67/file0/bus" dev="loop2" ino=24 res=1 20:37:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:47 executing program 4: 20:37:47 executing program 0: 20:37:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) 20:37:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:47 executing program 3: 20:37:47 executing program 0: 20:37:47 executing program 3: 20:37:47 executing program 4: [ 207.631211][ T9443] FAT-fs (loop5): bogus number of reserved sectors [ 207.671285][ T9443] FAT-fs (loop5): Can't find a valid FAT filesystem [ 207.681056][ T28] audit: type=1804 audit(1593463067.388:13): pid=9444 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/68/file0/bus" dev="loop2" ino=25 res=1 20:37:47 executing program 3: 20:37:47 executing program 0: 20:37:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) 20:37:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:47 executing program 4: 20:37:47 executing program 3: 20:37:47 executing program 0: 20:37:47 executing program 4: 20:37:47 executing program 0: 20:37:47 executing program 3: [ 207.942487][ T9460] FAT-fs (loop5): bogus number of reserved sectors 20:37:47 executing program 3: 20:37:47 executing program 4: [ 208.010315][ T9460] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:47 executing program 0: [ 208.056438][ T28] audit: type=1804 audit(1593463067.758:14): pid=9468 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/69/file0/bus" dev="loop2" ino=26 res=1 20:37:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) 20:37:47 executing program 3: 20:37:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:47 executing program 0: 20:37:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:48 executing program 4: 20:37:48 executing program 3: 20:37:48 executing program 0: 20:37:48 executing program 4: [ 208.350942][ T9487] FAT-fs (loop5): bogus number of reserved sectors [ 208.357662][ T9487] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) 20:37:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:48 executing program 0: [ 208.474778][ T28] audit: type=1804 audit(1593463068.178:15): pid=9490 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/70/bus" dev="sda1" ino=15991 res=1 20:37:48 executing program 3: 20:37:48 executing program 4: 20:37:48 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 208.607528][ T9501] FAT-fs (loop5): bogus number of reserved sectors [ 208.614068][ T9501] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:48 executing program 0: 20:37:48 executing program 3: 20:37:48 executing program 4: 20:37:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)}], 0x0, 0x0) 20:37:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 208.812849][ T28] audit: type=1804 audit(1593463068.518:16): pid=9512 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/71/file0/bus" dev="loop2" ino=27 res=1 20:37:48 executing program 4: 20:37:48 executing program 0: 20:37:48 executing program 3: [ 208.883459][ T9525] FAT-fs (loop5): bogus number of reserved sectors [ 208.890630][ T9525] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)}], 0x0, 0x0) 20:37:48 executing program 3: 20:37:48 executing program 4: [ 209.116023][ T28] audit: type=1804 audit(1593463068.818:17): pid=9535 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/72/file0/bus" dev="loop2" ino=28 res=1 [ 209.160003][ T9540] FAT-fs (loop5): bogus number of reserved sectors [ 209.192553][ T9540] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:51 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:37:51 executing program 0: 20:37:51 executing program 3: 20:37:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:51 executing program 4: 20:37:51 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)}], 0x0, 0x0) 20:37:51 executing program 0: 20:37:51 executing program 3: [ 211.798134][ T28] audit: type=1804 audit(1593463071.508:18): pid=9551 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/73/file0/bus" dev="loop2" ino=29 res=1 20:37:51 executing program 0: 20:37:51 executing program 3: 20:37:51 executing program 4: [ 211.855027][ T9555] FAT-fs (loop5): bogus number of reserved sectors [ 211.867914][ T9555] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 212.094673][ T28] audit: type=1804 audit(1593463071.798:19): pid=9571 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/74/file0/bus" dev="loop2" ino=30 res=1 20:37:54 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:37:54 executing program 4: 20:37:54 executing program 0: 20:37:54 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e666174", 0xb}], 0x0, 0x0) 20:37:54 executing program 3: 20:37:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:54 executing program 3: 20:37:54 executing program 0: 20:37:54 executing program 4: [ 215.013096][ T9589] FAT-fs (loop5): bogus number of reserved sectors [ 215.046572][ T9589] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:54 executing program 3: [ 215.053442][ T28] audit: type=1804 audit(1593463074.758:20): pid=9588 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/75/file0/bus" dev="loop2" ino=31 res=1 20:37:54 executing program 0: 20:37:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 215.291074][ T28] audit: type=1804 audit(1593463074.998:21): pid=9606 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/76/file0/bus" dev="loop2" ino=32 res=1 20:37:57 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r3, r4, 0x0) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:57 executing program 4: 20:37:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e666174", 0xb}], 0x0, 0x0) 20:37:57 executing program 3: 20:37:57 executing program 0: 20:37:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:57 executing program 3: 20:37:57 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x1}) write$UHID_INPUT(r2, 0x0, 0x0) 20:37:57 executing program 4: [ 218.170638][ T28] audit: type=1804 audit(1593463077.878:22): pid=9621 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/77/file0/bus" dev="loop2" ino=33 res=1 20:37:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 218.234887][ T9624] FAT-fs (loop5): bogus number of reserved sectors 20:37:58 executing program 3: 20:37:58 executing program 4: [ 218.292740][ T9624] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:58 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r3, r4, 0x0) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:58 executing program 0: 20:37:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e666174", 0xb}], 0x0, 0x0) 20:37:58 executing program 0: 20:37:58 executing program 3: 20:37:58 executing program 4: [ 218.525345][ T28] audit: type=1804 audit(1593463078.228:23): pid=9645 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/78/file0/bus" dev="loop2" ino=34 res=1 [ 218.546142][ T9649] FAT-fs (loop5): bogus number of reserved sectors [ 218.554525][ T9649] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f", 0x11}], 0x0, 0x0) 20:37:58 executing program 0: 20:37:58 executing program 4: 20:37:58 executing program 3: 20:37:58 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r3, r4, 0x0) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:37:58 executing program 0: [ 218.766050][ T9664] FAT-fs (loop5): invalid media value (0x00) [ 218.802806][ T9664] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:58 executing program 3: 20:37:58 executing program 4: 20:37:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f", 0x11}], 0x0, 0x0) 20:37:58 executing program 3: 20:37:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:58 executing program 0: 20:37:58 executing program 4: 20:37:58 executing program 3: 20:37:58 executing program 4: 20:37:58 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r3 = socket$inet6(0xa, 0x2, 0x0) dup3(r3, r0, 0x0) 20:37:58 executing program 0: [ 219.114048][ T9680] FAT-fs (loop5): invalid media value (0x00) [ 219.129425][ T9680] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:58 executing program 3: 20:37:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f", 0x11}], 0x0, 0x0) 20:37:59 executing program 3: 20:37:59 executing program 0: 20:37:59 executing program 4: 20:37:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:37:59 executing program 4: 20:37:59 executing program 3: 20:37:59 executing program 0: [ 219.375486][ T9703] FAT-fs (loop5): invalid media value (0x00) [ 219.383247][ T9703] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f020002", 0x14}], 0x0, 0x0) 20:37:59 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r3 = socket$inet6(0xa, 0x2, 0x0) dup3(r3, r0, 0x0) 20:37:59 executing program 3: 20:37:59 executing program 4: 20:37:59 executing program 0: 20:37:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:37:59 executing program 3: 20:37:59 executing program 4: [ 219.661644][ T9720] FAT-fs (loop5): invalid media value (0x00) [ 219.671512][ T9720] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:59 executing program 0: 20:37:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f020002", 0x14}], 0x0, 0x0) 20:37:59 executing program 4: 20:37:59 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r3 = socket$inet6(0xa, 0x2, 0x0) dup3(r3, r0, 0x0) 20:37:59 executing program 3: 20:37:59 executing program 0: 20:37:59 executing program 4: 20:37:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:37:59 executing program 0: [ 219.990066][ T9738] FAT-fs (loop5): invalid media value (0x00) [ 220.004154][ T9738] FAT-fs (loop5): Can't find a valid FAT filesystem 20:37:59 executing program 3: 20:37:59 executing program 4: 20:37:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f020002", 0x14}], 0x0, 0x0) 20:37:59 executing program 0: [ 220.228825][ T9754] FAT-fs (loop5): invalid media value (0x00) [ 220.238308][ T9754] FAT-fs (loop5): Can't find a valid FAT filesystem 20:38:00 executing program 4: 20:38:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270", 0x15}], 0x0, 0x0) 20:38:00 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r4 = socket$inet6(0xa, 0x2, 0x0) dup3(r4, r0, 0x0) 20:38:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:38:00 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x1}, 0x8) connect$inet6(r0, &(0x7f00000007c0)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31", 0x34}, {&(0x7f00000011c0)='|', 0x1}], 0x2, 0x0, 0x0, 0xffffffe0}}], 0x1, 0x400000a) 20:38:00 executing program 0: perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r1, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9281a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 20:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) [ 220.467366][ T9764] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 20:38:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) [ 220.525650][ T9763] FAT-fs (loop5): invalid media value (0x00) [ 220.552091][ T9763] FAT-fs (loop5): Can't find a valid FAT filesystem [ 220.579917][ T9777] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 20:38:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270", 0x15}], 0x0, 0x0) 20:38:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:00 executing program 4: 20:38:00 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r4 = socket$inet6(0xa, 0x2, 0x0) dup3(r4, r0, 0x0) [ 220.784288][ T9791] FAT-fs (loop5): invalid media value (0x00) 20:38:00 executing program 0: [ 220.873412][ T9791] FAT-fs (loop5): Can't find a valid FAT filesystem 20:38:00 executing program 3: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{}]}, @ptr]}, {0x0, [0x0]}}, 0x0, 0x3f}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800002000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="eb3c00800000732e66617400020401001f02000270", 0x15}], 0x0, 0x0) 20:38:00 executing program 0: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31", 0x34}, {&(0x7f00000011c0)='|', 0x1}], 0x2, 0x0, 0x0, 0xffffffe0}}], 0x1, 0x400000a) 20:38:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x15, 0x10, 0x3}, 0x3c) 20:38:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000300)={0x1, 0x0, [{0x0, 0x2, 0x0, 0x0, @sint}]}) [ 221.034392][ T9817] ptrace attach of "/root/syz-executor.3"[9816] was attempted by "/root/syz-executor.3"[9817] [ 221.062742][ T28] audit: type=1804 audit(1593463080.768:24): pid=9814 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/85/bus" dev="sda1" ino=16047 res=1 [ 221.109693][ T9826] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 221.146368][ T9824] FAT-fs (loop5): invalid media value (0x00) 20:38:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) [ 221.156249][ T9824] FAT-fs (loop5): Can't find a valid FAT filesystem 20:38:00 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000001180)='threaded\x00', 0xfc9a) lseek(r0, 0x0, 0x4) 20:38:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000300)={0x1, 0x0, [{0x0, 0x2, 0x0, 0x0, @sint}]}) 20:38:01 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r4 = socket$inet6(0xa, 0x2, 0x0) dup3(r4, r0, 0x0) 20:38:01 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc1, 0xc1, 0x4, [@restrict, @const, @restrict, @func, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {0x0, 0x2}], "ae"}, @typedef, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0xe0}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4008ae8a, &(0x7f0000000580)={{0xe7a7278896eaf9cf, 0x0, 0x80}, "f20145374ec03dea446d92b2117761528576cb5678fea0dd87bbf8ffdc6d329bb4e4bcf50e83e67067c6598de642751ad556fc0398294f61fd99b13f3ca29a893c773803fb1b098af7fdd022fde3b9319a369db136b2fea20e6db2e6abfabfe1c5b2bec3695df091fccc99e98e5626d079c854db53c8b76c093ff9027e5b030ce9dc0f1d2436c8f2910c6dca8cdeb33ccb30aa638c9cc22db37cf69076003a80d7c188c36f1847910fe2c5c5dd0eb812d71ca26cf0a037551ecdfe2951916d971430e90c7859316e554646aaaa432371997e5891238d09ae5d17254d50956972c8748f6194cab16a6cade4319836d6c6724f8676f788d32112134a21b97ff3527d0e69c81cda6c5d73178f3014f569644a1aceffee3b97784cb3b2a082bcc6480ae8ce356b673b404ea37f1363d4ce27acae77b1121f5f6a0eb057a99b81c30df901233794d2d58a1ccdd10e704eb9a8b35278dd420a64854ae12bc0c8188c95241061a0825eb024254f2dd92d42b4e2391bcc50f623c5323c07754a04b961515acb51bc8b35acff98397286fef478542c21511a78968dc4cc07b62b650ac6f35d5cb43e2f5da7f428a335ae2725acd4eded7afbf80439a7ed1aaf1bdd53fc3cbfc52e7b4afc96b93281f795817ea61b42f5b6dbe7f0b52312b0fef3e0f6ef78c6465642a4d5e7983adb7211fea2590b28277ca98647b11febc8a2d1c9043afeeb37a3df2155aad5e06c6fd5f3c49d9fd44a9e24dd4d5e46466b3b4b9983e55daa419bf17e96d722da3639e17b30a4c94ee47b889e4ae7a7b5f60b615450e56bdabfcb86c6fb5346bbb94fe431d4a8724653eab69ec164f71f213fb174e623abaaf88ac69e80f5a8f3dd943d372a6b120bef67d99f223c37df1d4e0a465fdd68c7f510dbd4dc942cf996955c8c79d337a757ceeae6da96aa994979af29987db5cb64244c35812085c19c2ab30e1f3b6029fa0eebf12d00b661db89e1a8e7077286abb0e359e996367386043d710324750514a1824301689ff92b8476f1848a8ff85113db12afe2472f807b8ad29433baa871a9e2df67039b15306ce912392330cdb1eaecc2ced9c102b08d7fdf8217121b8ea3938059aac8a2df95c067605bb2cfbe57177d0ebbb38d8c16e68ebdf47fdb02d3bf7e87443439ff838a76e5a36d3dde460f524fb553559a27a3982a1757ba6135c20f991c655a05da096325272681b01b07910a1ed70fae5154a6dd4b6dc678f8780236f8415ca67d16f9fe7275fad925d341db628adb5f30b2de15868a173ea723fa3447a2dd513f31dd5086cc39ca8e63bdbb65b2776a58e9fde2403108444267569a076b67ec5cf3cc9bb460718b9a9049a25225058fb4b6235cca408e53fca7071e1cd33ee9d008f7d3547e4057d02cb7f00101d96bb1826a69d8b6b1496b8b72a074af4fe5abe094988790175db0d840865b2b3e4adf940fbf0d101e47ade3f1fc75c6dcb1cc6ad3dbbfd7d74909ee8f1613dd499a74163e0d7b9ea886993e083332ce648b80f7dc7e35bac532447794661f7f10ac11822cd0f0cb95ba88cd57046fa01cf76bf1a8d329028f5d405718ba6ffdd1c9dacdce01c4fb711fd4f954ef5165424bfaebd78b3bf5af616a760ed958d2789688f9479ec7c15a7662c31e28821881e6c08502c3806049e2c56e1e4d7a025b2d35700585c2cd1f23812d2421b385d4b61cccd0208eeb29920be0e74b42fb48fb29941d37adbf50d9653ab286da31435499fb1601c591359f2ed1839b4a1569d3455d82ca0afcd50f42b6074e9a9a4b521ada1ae81ea41ad695a10d9225354b7999b9ffd0f9b18a2648a106403cbd06c72c877b163193bbce2b06cc8832e84ce0ef3d6ef851c4eb78cc4deff8b60c08cd10659bc89d74efbb62aceeeb7a614ee015538b0f39de2b6e1423df970134b07d9523bb4f01be7d7fa64a9b30c57251aa774b73c0e5449032f0c0b0c38211dc668a412d2ab394bac83752070fa2dff1593189a8cb0b16f78221e9fd530e92d2fc20fedeea0c049fa185b513d37cd7b2a98a59b01a1b3bc17fa5d4073bb3d508363798962cac437e3b2a123843f9c234260ac2aa1b8e5463220b0d17e08d9fa1c61222928fada89975aca6151510b591730678109d8bdcd0ddc32905ca3d2866a80522ad099743c7647300726c011105a33b18bd5b1926e85c3dec3b15fe8d21a86d6555b4316a3d25b692435866424cbb7e50e44556c0e6b8763224e95b70d21de9e610c376921bbca5833df1fa8f77ba507acf747f4ebd5b47d44c629ac947fac1aaec13a0513cdc4755a93bc3407f8f11a4e2c85f1f052a62974610f7a2231d144a273397bd8e9a2080d7c3a0ccac507dc84fa9c85b1a54073f853ade076a72500e07de86d0483cfab54f1dd31f3ee37e4ccfcfb6a1be276edcba837499cf1e9a322cd91caa9802d6bd8e7738849ee20305995a281d6353347f0189a83c0e2e11e14ee5113db6ce981ae770b2063529c059c05a51071efc39cacf972e929c52f9093b91fdd5be954be1777fcd99559c190aa870d7b7674891982225f2d5c721700c394b4643b9f43d25387e1047884a3c8a9c03738143a25f69181d8aa996e6b69551aad78c601589f9cd6fffc444177a6cb11abf4ca25e73acd1d78c45e292946b63ed18992553fd54677297e543e0b4c17ae5c52a77847d4e95e6f8ca08ac178dba145c1bee31302f1f79f94482125b834378f782355ae710798dcfa89abcb61991ed1db8177c00f62aff9c2de780c5db1e41bdb23f5d60d94d5152839dd4063a9cd08d33206572090d80f5c643466a0ef2121eaddd89c28680118915eb2924312f4defe2e69aa53c8fa4689a9540b7baad59fc09bfd7b7966df502850255289e44cc5ef1a8a4b14c9e4b6fe03b27aba92457ccbf546469531d2a54d5cf8c34af3755b355f2925bc9db1be826fbd2e41a27c7a0aa65c4015405c61db20d9a6dcf1a49ac0cf7f048757f29d31b1d9d5ec732dd86a769233f8ec40b97656c493a2875485e87b0155ee519d2e891e91dab51c67c1401f66240396965ffb98db0460975ac4f02502d17c1a7fc28458686fcfcd311d443d4646354197beacb616bf96b47b90b133fdadd2401731c4762eb37858d103bdb145e514d59c4c9e327a82bb1efbe92f98e86b20a151191d213af79e903fcef935d83fdb91a052218e3589191418acfad47fd0a994a21de356568f274dbf8a90936edda2b766dacd30ce54ebf99342a4545b98d07b34115416981a2f86efa6e1d1917806ccf13e43effd559d783410165c22b21f7ca56aef3b8d392ce0a5f7216a826115d538457f6550db4320038045679fddee8c5b8cc53dccdf42d296c51cb0830bb180dadbb706e16a79a5830b2453cb405b60e92a4ed028554e3984cffc5cf42ad800a0ba8b0b25929e49d0dbfcef5338878b77aac8803ca3be20ce82d93a4af9730df32a6bf2b3c1b4ea6aa9d34595d5e30c4183f2ee3dcd7aa860706ae71b287affb8eb8fedaf7569a73a6aa612e11b2b8c0f1aa0cc4db69a697b4e9097e0cd448f00ddb9a7e2a3c34fd6018ddc48db31c321449a42b3fdbd40a380d04072e0e832719c978f21c828361f9b0c08637e4042b129a9354d1c16c0056e669a3a593da5906c4b21670bb3ec8fc2e8e828b218eecc5d928846ae44ce9a1eedeee85b2a208546b991ddd05c11bf94258b14e62a002bc1eec360cc8618cfd41c42e30944cdec83ecea8056c38fa875dfa6fba7d59647c8ef79719bfccf125ef07a9a50822e06367747936358b384ba2f1582b0b899cf331a382967451ab3eb82492f7888e3fd52cba227099562cb8f52584ed251659b24ec35c89034e2b2c51065798ec223c5b7eac781e054df2e58eb7c3d097a081e41fa11c85491c1788a8a0c46e4a1c1dc0aa38bd0ae5df52e7b7393796cd7c44185361207a260f45d1a3ec4228e2cc981de0ab1025aa228e154c4cdfe55310f644612c6329a20f949dd5c41ed7843dc9f4f6c13c7f83b02b935075ef56b0a8ebebd8d8618f59bf3bb78f8b127f443b930eddbd8015fb25d7b84e36dcf81ffcc3e689d1020f51e1b9c40378468b79d90eae8f2ad285cc6195b643877ebb37488df309a74f4afddb3369a57611f0264d6d48bb8ecdf1f1420df38ab132cb9dd3798f5720480c053febaa624b186a885f0df4e986b137c9748ab095312270df4d460b280988169ec2c27e84fe553f0532c41523bcda04245c7ede728ebb5d4efbb5e0488032cc019d9af2ab5ef97151a2ab2994d2fb4669e72ad6569ed44ce70296ca48ae02f8edf1c77f7a5ce9cfc6acaeebd77e9e3cc8cdbae206fc4aa059a6e4d74bc488e8cf312a94c3befe67954e9eaf433b23b9c415b63ffe03d6d18f452f7401ba9da5251a65149cce81c49ea0b6c78557029ec3562053955419c69c7750dcb309fc5bea065ee4bd5665eb7b46168d5f7bed8493b2db6a858aaf2a90a4eba841e4fc93f2ccb87c20e72d1196904e52a61f180b89c5d761f72801327e1312467040f8b13edae4fcd27937e46ea627e42874fd4dcd21382d0314997b0a8a1b2be120937a985672cc74c362b7bdbd1584dad10ef54e994a1f78f3b9d39969ae520cbad599d015816ee51b34c47f2f5e1d54c2b767583ae93ce4038905fbed95ddcd17696f981425e3fbe9955cda26d8c3856a1e9c4f1aaabda5fe490ee5205ffcae3408a28af4fa0ce95e9537c395026284c4e28d35c216b84c878e96071632be5160c16dd6db9e5fe0c27221edad05d9acbec5828577011d4ed4644e40e3b90928a5d229ae0928c340d87cfc9234953188c42ea77e781caa319d3cb8fb728a77bac3a58f94284fb02fa36234685a99e16a7d6380441d6008f1103dddba827c272a08af71cbc47d67ed0aa7466e1121f003f056f4d615933332ae7156e1318db0b52b834e2f87e63ca5499f13551939ab56b3a65fdb2e0db653f27f99ff4ab11f2c2a1c0bd08202ef958ae3df2006b269e0daabc6dcdd080b2018e6d197f8beb53d9dcebca743e54c87fd6d126508e27f647f4e33e322c5ba141e5a75aa213200cc0d80bd5e11992ebcfb3e4f40a93582b889392dfe09d26c9aa5bbe43278754ae2b691e42ad0b4c21646f9df38b340c7904ca62a5401b2f4fdb40e592484784d87afb7b3734df77c7938a32afbefce9188c7e29bf668ec2fc08a78d5a2770ce0f510acfed8a80de0693004d1079a21ceb3dd7d6aa54a674db30574f17997ce9a9c0723889baa32fcd673d4dc7e7149017e2da672c8eb1813bb06d044bebfeed5f9ff4c40fa35fa518a979aed9cf7bfec2ca3af16010af26bc6557430b840c17a8f5347982c94ab2d9d8104152a4d9d573f4436a5d0a7e3fa1797bd62f2334c23aad98beaa1c1d9db8557fd5478bedde72a3bea9cdee070e8602178789c8134c3a0f8f9e78956ef397d76d51732c0a50dd1da02cf56a931122175ced8b9effc423c8d230a428077b887ce693b139095ca0d991ee91e140c99c59f4cf4cdcd910edef9bb3e3f79e4addd9311e980fc48fdb7a64b06cd1e0a9c7bc347894a5aeb7dc591696d8ff075d68d56c13b6aa5d991a5d89ee2c0ef615967f7c60ce83a58732e744b544644aa470f2627629f7f707b596289a8ff9cc781d13bc215bf377a72a75156557cf1af58eb3802637953f0779928a7cbb816e02befc6509560276f79b0d233443e50ba210e288adc8a52222bf8f2d48bb68c9c9d3dda5fbf98a674c75feeb6016a4e0fd005bfdd2b741423501400cd62ff35f40c89f7", "056f9313ad8a1924c41c16320035cd91d62d8b764658d515960c422cfd10d462e4dfd237ede6d3515999c69c0555efde6c59dd1ce854ffe84b8c97d16ea00034d246d367dc56c52d0360949633b1b1fcaf4df58d2c2d9f610433f8cc3808bb0ab3fc150b3863aa17664cc697ba13873380dda307ffbe6876625d0f7b483af3b4e0f0bc4736bcc8b375b178a060d7ffc02901e8bfd49f9f55f838a7fb1e804be718ccf82a1015fdf5f61941b97566bd058ec8033a89ec4dbe682070e3630ea5da8634e68846267f74c5f6495cf498572f82f523572d3dd98fa69d6e27831a047358ecbf331c7b6f35e989731012b6dd30e2a8f3f406617fed8261cad7d5049cea63e91d4f6140c897fa877ea424e449d546f29c36c3c48b23162fe36ca630ee0e5350bcdfbede8469c1c4a9c431133b22ff3b1e166e93b77b3553b15d596847222b9003b6a8d2f5c1c22611eecec318bf11ba700e527834a59eecc0b60fac4e333173edee8713b6f6503eb16fa14f3b7bb0c0cef00d08ba5349796e3c6592cd772fc319312a0901e8ed1be4dee5844e844aabfd566620dbddbf0e7718ec55a5cc5137dfe27b13df1839a6163b0c0700472f15849e7616e31c0093940400feb118f00c8e95a3f77b3e333eadc6a49f784ab417d9be2629e76fd51e5e412201819288f52398a282831d39edad944ee5ba83e4d34521bdc57b0cfd6b5baed2287615ab554f444b5bdd709cdb4d03da397eefdbda8345f62df8de78267645f5b9457145bfa26e690703dbde383e0bf783ba40317e49afb3499511065e028423f0abe296c69a0dcc6ffe058a0658713b85dc5c457ba503840ad22bb5ceb0089bad491d2ea4cd1e986c9df8c2b51ec0ebdc3d2460bcea33465d294d02936bae7f76b11f5b82f8bcd6e15a13ec0f157491557139d10de002852af14d7485ec527fe5b821ca1d12d9ac2c4edf3d54a5abca9e52551a47c50c101b75e34c32724e43c812b4444420bd02202e4a69c72a4e17883131f593138e540b6ede9b43baf6009854593a705f107befdc5d214dbebf1822c1aa9371b5f83741d77c56e0e9cc149acdd24fddfe5637babb71253e24d0148f2d05deae8fd830981946900cbeb01180130424c162c96c76a1bdd5c1826bde4ce9c7666817d0ac4396aa794c5fc126fbf7122cf1b2662b227f7f9b796e143b01218d8a8abba16e4b5d806754dd2e75d86f3f4562cb06434ca2ccb23473d4ede5828f10cadb91e32490b428a522c4f0d9eb90751d9ba812cbc7eb11ac579cc1bb98b05b799866508d5c8f679e6d6fdcd8779ccad4c488d57bebb3748673ba1597a4cadb3b2c6552e1d1eccbfd0ab45718d183c807354d20c611c522fea1149e7f43c27513342ec5bc7477c3d80390e1e50061f50fc43e9755f35cf980229f7b4f1d9e0438c6c53056cc9c6c9966ab14beee12e27354300c165a11236d1cf6d315e1fce7d47c746c1bd6bb05ba4225cec6a81d126d4432d0acd74c843ed2635089cbc71cfe7f89f254e677dc3302a56c5fde71bc8a00b9523060cf9827e0aea7e07edbe672126f2ba62e7ceaf627413db116cce3d9cf06fc4cbcf95cb458b867f4c84b1ac9a8c2333c2b1af2297a688e3256c84fb2394498e7ff6eec66b01948aa191d0fbfcd4ff1a8dccd4913307b8d6d9d2f77f68765d64e93e696c00fa9f4b935bd186fd84893a8a6a182248e0f675fb5d36ea95ac5d1efda93a2e9bef691943d3240b23a7baa491313598dad218b4f9e9f446dd00b0f1fd06187d94c94e5521fd16fd6114a6889a268e1e5d2a1853370e7bc171173f17f3509f01144304966130959a87f644b81faa74495bb5fbee6c9264108917e949b6540832f095aae00f89db126fb983e3e8a72903f35d3fca5e305387b0efa78cfb108c59bf21bc72d0a72e2718238fb2aacb6b081f3f44874b3ceb9e4c84a29e71854ba0fc63cd06bb7f47b72b2ff9e15924d061b6569387af8ec0c7d921439d5fa00db759458b577f9bd306683e5882f9179ba4c28d7143fbd460ec126f87170277846b8286b7caefb28ba3297f5b133cffa3b74ee848164f87a20e4761c95357458d5f5f97bf4eaefc59d4a3b3ee961a30238c4aeafcf7d25b34fdb5a4d46713425c0b12a6edd24fffa18dcd420986baf37fff548296d5ceee9a6335ee7c5533d16ee54a0e83929fe4c23e97c6455c36b0007fac59b481be9db108ff59f2a5c471da5e5aa5adf02a83e3a7636573b0913291886bfea40af62edac766493ee329a83f2b2deb0221944e73eff413f51456b1da12b4607d9b640ede536a28f4f563ccf23cc78c70a2a719ba33558356500a21d0efd3595027989c961bfa583ac7562178bd97eb5f3034214ea8c068568204cd633de1a00b894e9b6473120d615e8ff29a09bfacfb7931ba4b92130519fa0ed116e6ef9661d927ade02893893426d2d2bae932c56794aaf1344c8a7aa58c05067814f5d88ae4bb33e78d68fd325e9d09069e9ddf65ae99a35731d2b4cf5233f7e39f02cb7dc7a5377f0a042ab6e2b5146f70e9e3ce2a21a07597e7cf28f6bf4c03b7d640848effd6df67eaf4e532f570deac6f05730864d298d4b0aa0e93e70a0aa520736a97ea1ecac0a8146770c6a9b02641ba53c5f80d1c3bec1cd1d909b7b69c55363e4920100ff507332be864e5b2fe65b906dedbf9995659aed1149fd8065df2c36add351b3a334b4edd1cb40264c1758e395fa163bf05d58e3c136e8f256c1ac7a5bd6097a90f9867e541a28117126fae22dc306cb28ca691b01c29eb0ab938f43446a62d488816b5a38b7f5a82035abcad1d487f651b588d7a9d4ba334613fc65d17136bb90d6dde17f52c02bdd15a81200a808e4a5fcbc1703b7638adc91c0f1361730a8f699169cbd1c9c8537625ca965d7a30da98796f3de3d268cbae69320a1db1d3aebcf9b112804c4cab535f958f237b59ab731bc98b0f7328fd19875c0d4563a9d05e89851121e633052d5c1e45aa978bac9802a1ab126436a904b8e88022b48270422a586205aa789d009ae8d8de2de24ea7bb4c8f62a875656f582a4ac57c8cf298b05c44a5866a36510390b3955128b29da8beff6e4f459ac0c029893f8e8c3b154f046165bbadba53472cf939fbd4779d138d8c3c038ca3db82dd4986db0ec02ca59b8713d92c27d235a9a6db505050ae0b7d15bdbd403a555cbae435a9ee8b5f638354d0cec460cc5c9ef6813862148965c4601cb29f40af81661a6e95e4f15c5d2d1ff02e10325d760788551bce9c927ebb53daa2e0bf331c8793be0b5a596e11bd8600c68d420e63c0c6a50ee61029379f3d1786c461a13bda7a3a6762d714604e28280879b79af8fcfaa6e8baebb30348e75519d9d217e8c9d5fad20685a0b2c9846036c3b782f87712a1c32a1a5801435f2151be3073411f67c8a50d4a399ca07f84d37721c474cb22bf981561a342cef03baf911f56d46e38ada42be95ab2002fc607ff7bec7b23ef713c9ac8172210dd7b1d724a0f9985761949fbd97ec03f75f121b67b198489ac1570746519cb86a026fbdf7a1aa5a076dbe68a939becd889c9c02211bfe3961a85a958e450edaf96b35ff4308b94024c5728e161acf15b1602add9b1a05da4425adb587197fe0d3949eb28d97b51aa5e2e726446a3582246c32524e409ffb9a4ec3d6075a1fb9c5ad1a3fafe81c4b0d7ea10c7e37df74f84692a3495cc326bd4fab8a1b292d5d079ae60b642c39a0c5e7da168247d1cdf1aa11d7d4ff7d28f27503bbcaeff0fe0bd66d9027210c4f284d47561e7141923d39b6dfd018008d042e3125070660327afe2add090a920820096597873eb3853f0d66eb4be7b752a08c02950b3fc0c6d2293fca10424c50b469403acece27f942687e3ba82d4f86253a40b98a394bb5fa21e669715c333cf4f28a2731d2576103c369122308dbb5935d80499283c5aec46c91f5ae2e1d97cc59911d47e33654f0552610a4777a88d3c383b907e753a7d87198f51a5347d972b1d599b7527338521026602fb0f24f885be8ec30252206dd004136f8a40b4d3ff5edab8cfd925406d19a614c74b10bb42005c25415942575c46f86ae417224cca7aefb9fe0fcff5c0a7be9303c8db22517a3c4e0aa33860b9cd81ccb05c8f764d22ba852ab0bc95f173f41b00d5e19ba793ba859b1ea3463b5a5fcfae4d6a730aaa45f964d0a42b4fb86c656b89a61b28e941452b87341fb90aa030cca7355b24ead6aef176b580dd6967b433fcabd7ad19ce2e04fe35ceb58836242dc3f4503b08a155d230353ad47595886b8a8e668ee73e04265fe4664bebd7b08904ebe3f6e9f3edf3ea4c8aa25ec89b376e15c8ee0223d9fba05432ba22d4ab19d10d2ea68634051f4eb4a06eb8dffa6b39ce29bcab91ceb540bde3bc1cd1d01d90bfabd46c49126eef3aaa379026352f7dd6df69a8b7cf19ad88cc03cd1dd6905b5d5d126ae1bdd232a4586a0a10aa0b31bb6497a5c36151fc1d093fabd0881e65633940d3de72f152c57f33dee275d6a01624627a932037165d0767a57ee29cd596b975b86bae03925e37bf659ee58bd0a94f7dc35c089c3ab12dd9a06ebf3905960498da5175c238564ec0c687f038af266cab50a775ae016762f7a66bd9d508ef30bc228ba5321e12095a138547a4269447434d5911bbd557e52d824626318c0c9efce86fa1ff6ea3d54cba90962bfe3ef4b4203ab7d9f0476f2eaf0fccbffc695c5cf1bf10cc6b347acaaddd5780024360c2b22ed799da9e56ced55fe5cdaf091d425f2eaee42b60ea2a4d4f025dd8f9e573d905615eb9db717346eb1926f8eaac687b7d35f28eec9e1e74d7555e48e889955e0b60330cb03b61f95bc5ee88c8e681f131488895813e0b95becb97336df8e7df96e0d511b0a583474e7cb69b7415833d3362f96c66ba210dba363dad80e8c9c1edacf755f9ba7ea7c0730cbe2d63ba5d8d5a185c3071d5884372781427f78ed5186c18faa9100c4293385cb815738f55e5c2365a9758d6ebb17cbfb69496c466b816c3e5645d53b9e323851e99aef19936bdf26000a79d99e7a1bfe7a735884e2d9b29237e5ceffcfb6d4d615953ef9acf2c3e9f8114d8865333c95bd416762b1fc40f0239e9f300c1fb1b84627e6964080117df0572dc546dbb705c058804805354fec891bcd5f20dc81749bcf0df77c7095b9b447dc04bd222873cc1c8ae9c5568d646c1a6b0e31ff1365b678f1fd9631aaef7bd1ee441f3b6ffaca2859223bff69946793d5aed75cc6c46df325520f1f5d00fbbf835a98c6dea9d6addbe3afc4d0082286a773ed45a918b0aa343bb8fbfefabae53b49f51cbb4b812c5198dcedf462555602da61061d7eb4d78cb6d4809beee79dceefec879d862dc77ee22762cd883620f0e55ce5e4256701a4f3014cba9222d13b2e29f7ef42e5e17724d91d2f8a39dda580c4920b755ec301fe9c3efd38f724f2367ed240c73cdf4b487007d3d95f278cb4460384ca89c8038f1d051e2210b840d78487621bfcbb5bbc285c3d66fb432f5128aaf378ceb026064a252b3a2adde77669829c6464e71210a2fa0f9930a631cc008922ef0992eca6dad11d41ac18c448e4aaff379bc2a314eb10cf54d4e7bf44427b16608b9f4d4b0d2a421fa20a38a99ffd3a5663c531b6a9250bfab712f4f20c2a366c549d3592b60fecbfd1046df5e9432938a14a0015f2bb2cc9fd7104d006530548daea4b64ad64764c7636105dc71b79545d42548524e2d1b7f83fd243d7b7f055c785fb511857f8"}) 20:38:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000300)={0x1, 0x0, [{0x0, 0x2, 0x0, 0x0, @sint}]}) 20:38:01 executing program 4: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r2, &(0x7f0000000080)=ANY=[], 0x2bcf) shutdown(r2, 0x0) dup2(r2, r1) splice(r1, 0x0, r0, 0x0, 0x7fffffff, 0x0) [ 221.433463][ T9857] ptrace attach of "/root/syz-executor.4"[9850] was attempted by "/root/syz-executor.4"[9857] 20:38:01 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x1d0, 0xc8, 0x0, 0x1d0, 0x5803, 0x2a8, 0x2e8, 0x2e8, 0x2a8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'bridge0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1d0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0, 'string\x00'}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x2}, 0x4}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ipv6={@ipv4={[], [], @remote}, @loopback, [], [], 'veth0_to_team\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000010101020000000000a14dd265a627050bd1377239b26ae9ca4a2c029a11c813a88d07000000000000008a8e078ec8484b98d357e4efbce57edb3b94bd4723fcb868105863ab66c9714728800e038cbdb7e0e894214cebe2216161bdd3c3c192c26fcb3593a363847bbfcd4b3ba0956dcebe228693cc93b2cffaf87c289cf38ff1060019077cbdb811e9234b42606b8c3ad1c089748421f984"], 0x14}}, 0x0) [ 221.560665][ T28] audit: type=1804 audit(1593463081.268:25): pid=9870 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/86/bus" dev="sda1" ino=16074 res=1 20:38:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 20:38:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:01 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:01 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:38:01 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88882, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732}) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r6, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @multicast2}}) write$tun(0xffffffffffffffff, &(0x7f0000000140)={@val, @void, @eth={@multicast, @local, @void, {@ipv4={0x800, @tipc={{0x7, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x6}]}}, @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x0, 0xa}}}}}}}}}}, 0x56) write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x1000000c8) splice(r2, 0x0, r4, 0x0, 0x18100, 0x0) 20:38:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x1, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) [ 221.696307][ T9883] xt_socket: unknown flags 0x4 [ 221.836516][ T28] audit: type=1804 audit(1593463081.538:26): pid=9892 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/87/bus" dev="sda1" ino=16084 res=1 20:38:01 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe00403e8, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0x2000012, 0x1f4}}], 0x3, 0x100, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) 20:38:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:01 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x6) r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') sendfile(r0, r1, &(0x7f0000000240)=0xe300, 0x4000000000dc) 20:38:01 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="dc72d6128eaba68be112b6449c552e805421f8ac4e63a66255f9f46d302c1f325d1901055f7f967214b33528dd8ed3541d8ec393960946a515e90bd343be"], 0x2) r0 = socket(0x11, 0x800000003, 0x8) bind(r0, &(0x7f0000000380)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180)='nl80211\x00') bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xeb}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfed4, 0x20c49a, 0x0, 0x27) r2 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = fcntl$dupfd(r2, 0x0, r3) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000980)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980700009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000008800000000000002726f7365300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000fb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000030000000700000000000000000000000000000048004354000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa00000000400000000000000000000000000100000000000000000000000000000000ee00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000500000000000400000000000000000000000000000070009000000000000000000000000000000000000000010020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) 20:38:01 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x42) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000004c0)='./file0\x00', 0x0, 0x7a04, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.sched_load_balance\x00', 0x2, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x101000, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={0x0, 0x70}, 0x1, 0x0, 0x0, 0x4000090}, 0x40000) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) renameat(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', r2, &(0x7f0000000500)='./file0\x00') writev(r1, &(0x7f0000000040)=[{&(0x7f00000001c0)='0', 0x1}, {&(0x7f0000000140)='2', 0x1}], 0x2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000300)={[0x81, 0xa4, 0x80000000, 0x6, 0x1, 0x2, 0x8000, 0x3, 0x9, 0x3, 0x101, 0x3b4, 0x20, 0x2, 0x723, 0xfffffffffffffffc], 0x10000, 0x4026}) r3 = dup(0xffffffffffffffff) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0406618, &(0x7f00000003c0)={{0x3, 0x0, @identifier="9d0dfe75ada35e6a5d3541e685101f24"}}) [ 222.133154][ T28] audit: type=1804 audit(1593463081.838:27): pid=9930 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/88/bus" dev="sda1" ino=16069 res=1 20:38:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) [ 222.266721][ T9933] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 222.522112][ T28] audit: type=1804 audit(1593463082.228:28): pid=9943 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/89/bus" dev="sda1" ino=16086 res=1 20:38:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:02 executing program 5: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)) r1 = syz_open_pts(r0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = dup2(r1, r2) ioctl$TCXONC(r3, 0x540a, 0x3) [ 222.870454][ T28] audit: type=1804 audit(1593463082.578:29): pid=9959 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/90/bus" dev="sda1" ino=16085 res=1 20:38:04 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:04 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x15, 0x0, 0x0, 0x0, 0x454}, 0x40) 20:38:04 executing program 2: r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:04 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000001180)='threaded\x00', 0xfc9a) lseek(r0, 0x0, 0x4) 20:38:04 executing program 4: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x7) 20:38:04 executing program 0: syslog(0x3, &(0x7f0000000000)=""/59, 0x9) 20:38:04 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x42) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000004c0)='./file0\x00', 0x0, 0x7a04, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.sched_load_balance\x00', 0x2, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x101000, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="4d0000e669a900", @ANYRES16=r3, @ANYBLOB="020025bd7000fedadf251b0000000800011d1bbf70ddac9852557567287307000200000024002280080006002a000000080003003f00000008000400000100000000228008000100050000000800070009000000080005000180000008000500ff0300000400cc00080001000400000010dbb46914b7c0835502cf0c6b6eed234269dbfc7beff4bb0e426d2af214ee0a58a0e5f1704bfb924f6cef2088be2384ffccebb442e9714eb0c046bdcafcb60257bce73d2b5865e670a6b0a6592d25ee88d0ba2e7ac3ef0e5d494b3b81f97bb8e672109c0aef1faaa290ab24ccaa7e9aa55066bf2fb3995e7732ef5b948a0082522c7fd23736472beb3a5a2f281dbf1dd15cae839d60ac176bf6c8a847379fc2be5c68aa4bb74b9a0100bd9296f72d2f5a2f35a470b0d40a4ebdb4c1118c2a13066aa933206a4248b935f630de0df5d46a54f4608ffd9db62e601eacfda22c0f75a0c59c565f"], 0x70}, 0x1, 0x0, 0x0, 0x4000090}, 0x40000) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) renameat(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', r2, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f00000001c0)='0', 0x1}, {&(0x7f0000000140)='2', 0x1}], 0x2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000300)={[0x81, 0xa4, 0x80000000, 0x6, 0x1, 0x2, 0x8000, 0x3, 0x9, 0x3, 0x101, 0x0, 0x20, 0x2, 0x723, 0xfffffffffffffffc], 0x10000, 0x4026}) r4 = dup(0xffffffffffffffff) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0xc0406618, &(0x7f00000003c0)={{0x3, 0x0, @identifier="9d0dfe75ada35e6a5d3541e685101f24"}}) 20:38:04 executing program 4: syslog(0x4, &(0x7f0000000000)=""/59, 0x3b) [ 224.926993][ T28] audit: type=1804 audit(1593463084.628:30): pid=9984 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/91/bus" dev="sda1" ino=16099 res=1 [ 224.939649][ T9987] ptrace attach of "/root/syz-executor.4"[9986] was attempted by "/root/syz-executor.4"[9987] 20:38:04 executing program 5: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x1}, 0x4c000, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x149700, 0x0) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00000000000000000000110000002c00038008000200000000000800020000000011080002000000160008000200000000000800010000800c0001006574683a776731002400038008000300000000000800010000000000080003000000000008000100000000003000058008000100756470001c0002800800020000000000080001000000000008000200000000000800010065746800a4d5280386a992be91"], 0xa4}}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000200)) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000580)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a943", 0x79, 0x9}], 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@private1={0xfc, 0x1, [], 0x1}, 0x0, 0x0, 0x1, 0x1, 0xfffb, 0x0, 0x400000000}, 0x20) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r3 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x80000000) inotify_rm_watch(0xffffffffffffffff, r3) inotify_rm_watch(0xffffffffffffffff, r3) sendfile(r1, r2, &(0x7f0000000240)=0x202, 0x4000000000dc) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000300)=ANY=[@ANYBLOB="1bd539bac0"]) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000101308006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c) 20:38:04 executing program 2: r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:04 executing program 0: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000001180)='threaded\x00', 0xfc9a) lseek(r0, 0x0, 0x4) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x60, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x2}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x0, @remote}, {0xa, 0x0, @random="dedebde9458d"}]}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x0, @dev={[], 0x15}}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x6, 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x200008c4}, 0x40) 20:38:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) socket$packet(0x11, 0x3, 0x300) connect$inet6(r0, &(0x7f00000007c0)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0)}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0", 0x1e}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x1, 0x400000a) [ 225.186169][ T28] audit: type=1804 audit(1593463084.888:31): pid=10004 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/92/bus" dev="sda1" ino=16105 res=1 [ 225.211218][T10001] FAT-fs (loop3): bogus number of FAT sectors [ 225.223590][T10001] FAT-fs (loop3): Can't find a valid FAT filesystem [ 225.364300][T10016] FAT-fs (loop3): bogus number of FAT sectors [ 225.383243][T10016] FAT-fs (loop3): Can't find a valid FAT filesystem [ 225.603975][T10005] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 796157294)! [ 225.615514][T10005] EXT4-fs (loop5): group descriptors corrupted! 20:38:07 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:07 executing program 2: r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:07 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x4, [@restrict, @const, @restrict, @func, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x88}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:07 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x108, 0x354, 0x98, 0x108, 0x0, 0x1d8, 0x198, 0x198, 0x1d8, 0x198, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xc0, 0x108, 0x0, {}, [@common=@inet=@socket2={{0x28, 'socket\x00'}}, @common=@ttl={{0x28, 'ttl\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0xcc03}}}, {{@uncond, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "d652"}}]}, @common=@inet=@SET3={0x38, 'SET\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2d0) 20:38:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) 20:38:07 executing program 5: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x1}, 0x4c000, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x149700, 0x0) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00000000000000000000110000002c00038008000200000000000800020000000011080002000000160008000200000000000800010000800c0001006574683a776731002400038008000300000000000800010000000000080003000000000008000100000000003000058008000100756470001c0002800800020000000000080001000000000008000200000000000800010065746800a4d5280386a992be91"], 0xa4}}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000200)) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000580)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a943", 0x79, 0x9}], 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@private1={0xfc, 0x1, [], 0x1}, 0x0, 0x0, 0x1, 0x1, 0xfffb, 0x0, 0x400000000}, 0x20) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r3 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x80000000) inotify_rm_watch(0xffffffffffffffff, r3) inotify_rm_watch(0xffffffffffffffff, r3) sendfile(r1, r2, &(0x7f0000000240)=0x202, 0x4000000000dc) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000300)=ANY=[@ANYBLOB="1bd539bac0"]) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000101308006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c) [ 228.102098][T10042] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 228.139814][T10047] ptrace attach of "/root/syz-executor.0"[10044] was attempted by "/root/syz-executor.0"[10047] 20:38:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0xc028ae92, &(0x7f0000000580)={{0x0, 0x0, 0x80}, "f20145374ec03dea446d92b2117761528576cb5678fea0dd87bbf8ffdc6d329bb4e4bcf50e83e67067c6598de642751ad556fc0398294f61fd99b13f3ca29a893c773803fb1b098af7fdd022fde3b9319a369db136b2fea20e6db2e6abfabfe1c5b2bec3695df091fccc99e98e5626d079c854db53c8b76c093ff9027e5b030ce9dc0f1d2436c8f2910c6dca8cdeb33ccb30aa638c9cc22db37cf69076003a80d7c188c36f1847910fe2c5c5dd0eb812d71ca26cf0a037551ecdfe2951916d971430e90c7859316e554646aaaa432371997e5891238d09ae5d17254d50956972c8748f6194cab16a6cade4319836d6c6724f8676f788d32112134a21b97ff3527d0e69c81cda6c5d73178f3014f569644a1aceffee3b97784cb3b2a082bcc6480ae8ce356b673b404ea37f1363d4ce27acae77b1121f5f6a0eb057a99b81c30df901233794d2d58a1ccdd10e704eb9a8b35278dd420a64854ae12bc0c8188c95241061a0825eb024254f2dd92d42b4e2391bcc50f623c5323c07754a04b961515acb51bc8b35acff98397286fef478542c21511a78968dc4cc07b62b650ac6f35d5cb43e2f5da7f428a335ae2725acd4eded7afbf80439a7ed1aaf1bdd53fc3cbfc52e7b4afc96b93281f795817ea61b42f5b6dbe7f0b52312b0fef3e0f6ef78c6465642a4d5e7983adb7211fea2590b28277ca98647b11febc8a2d1c9043afeeb37a3df2155aad5e06c6fd5f3c49d9fd44a9e24dd4d5e46466b3b4b9983e55daa419bf17e96d722da3639e17b30a4c94ee47b889e4ae7a7b5f60b615450e56bdabfcb86c6fb5346bbb94fe431d4a8724653eab69ec164f71f213fb174e623abaaf88ac69e80f5a8f3dd943d372a6b120bef67d99f223c37df1d4e0a465fdd68c7f510dbd4dc942cf996955c8c79d337a757ceeae6da96aa994979af29987db5cb64244c35812085c19c2ab30e1f3b6029fa0eebf12d00b661db89e1a8e7077286abb0e359e996367386043d710324750514a1824301689ff92b8476f1848a8ff85113db12afe2472f807b8ad29433baa871a9e2df67039b15306ce912392330cdb1eaecc2ced9c102b08d7fdf8217121b8ea3938059aac8a2df95c067605bb2cfbe57177d0ebbb38d8c16e68ebdf47fdb02d3bf7e87443439ff838a76e5a36d3dde460f524fb553559a27a3982a1757ba6135c20f991c655a05da096325272681b01b07910a1ed70fae5154a6dd4b6dc678f8780236f8415ca67d16f9fe7275fad925d341db628adb5f30b2de15868a173ea723fa3447a2dd513f31dd5086cc39ca8e63bdbb65b2776a58e9fde2403108444267569a076b67ec5cf3cc9bb460718b9a9049a25225058fb4b6235cca408e53fca7071e1cd33ee9d008f7d3547e4057d02cb7f00101d96bb1826a69d8b6b1496b8b72a074af4fe5abe094988790175db0d840865b2b3e4adf940fbf0d101e47ade3f1fc75c6dcb1cc6ad3dbbfd7d74909ee8f1613dd499a74163e0d7b9ea886993e083332ce648b80f7dc7e35bac532447794661f7f10ac11822cd0f0cb95ba88cd57046fa01cf76bf1a8d329028f5d405718ba6ffdd1c9dacdce01c4fb711fd4f954ef5165424bfaebd78b3bf5af616a760ed958d2789688f9479ec7c15a7662c31e28821881e6c08502c3806049e2c56e1e4d7a025b2d35700585c2cd1f23812d2421b385d4b61cccd0208eeb29920be0e74b42fb48fb29941d37adbf50d9653ab286da31435499fb1601c591359f2ed1839b4a1569d3455d82ca0afcd50f42b6074e9a9a4b521ada1ae81ea41ad695a10d9225354b7999b9ffd0f9b18a2648a106403cbd06c72c877b163193bbce2b06cc8832e84ce0ef3d6ef851c4eb78cc4deff8b60c08cd10659bc89d74efbb62aceeeb7a614ee015538b0f39de2b6e1423df970134b07d9523bb4f01be7d7fa64a9b30c57251aa774b73c0e5449032f0c0b0c38211dc668a412d2ab394bac83752070fa2dff1593189a8cb0b16f78221e9fd530e92d2fc20fedeea0c049fa185b513d37cd7b2a98a59b01a1b3bc17fa5d4073bb3d508363798962cac437e3b2a123843f9c234260ac2aa1b8e5463220b0d17e08d9fa1c61222928fada89975aca6151510b591730678109d8bdcd0ddc32905ca3d2866a80522ad099743c7647300726c011105a33b18bd5b1926e85c3dec3b15fe8d21a86d6555b4316a3d25b692435866424cbb7e50e44556c0e6b8763224e95b70d21de9e610c376921bbca5833df1fa8f77ba507acf747f4ebd5b47d44c629ac947fac1aaec13a0513cdc4755a93bc3407f8f11a4e2c85f1f052a62974610f7a2231d144a273397bd8e9a2080d7c3a0ccac507dc84fa9c85b1a54073f853ade076a72500e07de86d0483cfab54f1dd31f3ee37e4ccfcfb6a1be276edcba837499cf1e9a322cd91caa9802d6bd8e7738849ee20305995a281d6353347f0189a83c0e2e11e14ee5113db6ce981ae770b2063529c059c05a51071efc39cacf972e929c52f9093b91fdd5be954be1777fcd99559c190aa870d7b7674891982225f2d5c721700c394b4643b9f43d25387e1047884a3c8a9c03738143a25f69181d8aa996e6b69551aad78c601589f9cd6fffc444177a6cb11abf4ca25e73acd1d78c45e292946b63ed18992553fd54677297e543e0b4c17ae5c52a77847d4e95e6f8ca08ac178dba145c1bee31302f1f79f94482125b834378f782355ae710798dcfa89abcb61991ed1db8177c00f62aff9c2de780c5db1e41bdb23f5d60d94d5152839dd4063a9cd08d33206572090d80f5c643466a0ef2121eaddd89c28680118915eb2924312f4defe2e69aa53c8fa4689a9540b7baad59fc09bfd7b7966df502850255289e44cc5ef1a8a4b14c9e4b6fe03b27aba92457ccbf546469531d2a54d5cf8c34af3755b355f2925bc9db1be826fbd2e41a27c7a0aa65c4015405c61db20d9a6dcf1a49ac0cf7f048757f29d31b1d9d5ec732dd86a769233f8ec40b97656c493a2875485e87b0155ee519d2e891e91dab51c67c1401f66240396965ffb98db0460975ac4f02502d17c1a7fc28458686fcfcd311d443d4646354197beacb616bf96b47b90b133fdadd2401731c4762eb37858d103bdb145e514d59c4c9e327a82bb1efbe92f98e86b20a151191d213af79e903fcef935d83fdb91a052218e3589191418acfad47fd0a994a21de356568f274dbf8a90936edda2b766dacd30ce54ebf99342a4545b98d07b34115416981a2f86efa6e1d1917806ccf13e43effd559d783410165c22b21f7ca56aef3b8d392ce0a5f7216a826115d538457f6550db4320038045679fddee8c5b8cc53dccdf42d296c51cb0830bb180dadbb706e16a79a5830b2453cb405b60e92a4ed028554e3984cffc5cf42ad800a0ba8b0b25929e49d0dbfcef5338878b77aac8803ca3be20ce82d93a4af9730df32a6bf2b3c1b4ea6aa9d34595d5e30c4183f2ee3dcd7aa860706ae71b287affb8eb8fedaf7569a73a6aa612e11b2b8c0f1aa0cc4db69a697b4e9097e0cd448f00ddb9a7e2a3c34fd6018ddc48db31c321449a42b3fdbd40a380d04072e0e832719c978f21c828361f9b0c08637e4042b129a9354d1c16c0056e669a3a593da5906c4b21670bb3ec8fc2e8e828b218eecc5d928846ae44ce9a1eedeee85b2a208546b991ddd05c11bf94258b14e62a002bc1eec360cc8618cfd41c42e30944cdec83ecea8056c38fa875dfa6fba7d59647c8ef79719bfccf125ef07a9a50822e06367747936358b384ba2f1582b0b899cf331a382967451ab3eb82492f7888e3fd52cba227099562cb8f52584ed251659b24ec35c89034e2b2c51065798ec223c5b7eac781e054df2e58eb7c3d097a081e41fa11c85491c1788a8a0c46e4a1c1dc0aa38bd0ae5df52e7b7393796cd7c44185361207a260f45d1a3ec4228e2cc981de0ab1025aa228e154c4cdfe55310f644612c6329a20f949dd5c41ed7843dc9f4f6c13c7f83b02b935075ef56b0a8ebebd8d8618f59bf3bb78f8b127f443b930eddbd8015fb25d7b84e36dcf81ffcc3e689d1020f51e1b9c40378468b79d90eae8f2ad285cc6195b643877ebb37488df309a74f4afddb3369a57611f0264d6d48bb8ecdf1f1420df38ab132cb9dd3798f5720480c053febaa624b186a885f0df4e986b137c9748ab095312270df4d460b280988169ec2c27e84fe553f0532c41523bcda04245c7ede728ebb5d4efbb5e0488032cc019d9af2ab5ef97151a2ab2994d2fb4669e72ad6569ed44ce70296ca48ae02f8edf1c77f7a5ce9cfc6acaeebd77e9e3cc8cdbae206fc4aa059a6e4d74bc488e8cf312a94c3befe67954e9eaf433b23b9c415b63ffe03d6d18f452f7401ba9da5251a65149cce81c49ea0b6c78557029ec3562053955419c69c7750dcb309fc5bea065ee4bd5665eb7b46168d5f7bed8493b2db6a858aaf2a90a4eba841e4fc93f2ccb87c20e72d1196904e52a61f180b89c5d761f72801327e1312467040f8b13edae4fcd27937e46ea627e42874fd4dcd21382d0314997b0a8a1b2be120937a985672cc74c362b7bdbd1584dad10ef54e994a1f78f3b9d39969ae520cbad599d015816ee51b34c47f2f5e1d54c2b767583ae93ce4038905fbed95ddcd17696f981425e3fbe9955cda26d8c3856a1e9c4f1aaabda5fe490ee5205ffcae3408a28af4fa0ce95e9537c395026284c4e28d35c216b84c878e96071632be5160c16dd6db9e5fe0c27221edad05d9acbec5828577011d4ed4644e40e3b90928a5d229ae0928c340d87cfc9234953188c42ea77e781caa319d3cb8fb728a77bac3a58f94284fb02fa36234685a99e16a7d6380441d6008f1103dddba827c272a08af71cbc47d67ed0aa7466e1121f003f056f4d615933332ae7156e1318db0b52b834e2f87e63ca5499f13551939ab56b3a65fdb2e0db653f27f99ff4ab11f2c2a1c0bd08202ef958ae3df2006b269e0daabc6dcdd080b2018e6d197f8beb53d9dcebca743e54c87fd6d126508e27f647f4e33e322c5ba141e5a75aa213200cc0d80bd5e11992ebcfb3e4f40a93582b889392dfe09d26c9aa5bbe43278754ae2b691e42ad0b4c21646f9df38b340c7904ca62a5401b2f4fdb40e592484784d87afb7b3734df77c7938a32afbefce9188c7e29bf668ec2fc08a78d5a2770ce0f510acfed8a80de0693004d1079a21ceb3dd7d6aa54a674db30574f17997ce9a9c0723889baa32fcd673d4dc7e7149017e2da672c8eb1813bb06d044bebfeed5f9ff4c40fa35fa518a979aed9cf7bfec2ca3af16010af26bc6557430b840c17a8f5347982c94ab2d9d8104152a4d9d573f4436a5d0a7e3fa1797bd62f2334c23aad98beaa1c1d9db8557fd5478bedde72a3bea9cdee070e8602178789c8134c3a0f8f9e78956ef397d76d51732c0a50dd1da02cf56a931122175ced8b9effc423c8d230a428077b887ce693b139095ca0d991ee91e140c99c59f4cf4cdcd910edef9bb3e3f79e4addd9311e980fc48fdb7a64b06cd1e0a9c7bc347894a5aeb7dc591696d8ff075d68d56c13b6aa5d991a5d89ee2c0ef615967f7c60ce83a58732e744b544644aa470f2627629f7f707b596289a8ff9cc781d13bc215bf377a72a75156557cf1af58eb3802637953f0779928a7cbb816e02befc6509560276f79b0d233443e50ba210e288adc8a52222bf8f2d48bb68c9c9d3dda5fbf98a674c75feeb6016a4e0fd005bfdd2b741423501400cd62ff35f40c89f7", "056f9313ad8a1924c41c16320035cd91d62d8b764658d515960c422cfd10d462e4dfd237ede6d3515999c69c0555efde6c59dd1ce854ffe84b8c97d16ea00034d246d367dc56c52d0360949633b1b1fcaf4df58d2c2d9f610433f8cc3808bb0ab3fc150b3863aa17664cc697ba13873380dda307ffbe6876625d0f7b483af3b4e0f0bc4736bcc8b375b178a060d7ffc02901e8bfd49f9f55f838a7fb1e804be718ccf82a1015fdf5f61941b97566bd058ec8033a89ec4dbe682070e3630ea5da8634e68846267f74c5f6495cf498572f82f523572d3dd98fa69d6e27831a047358ecbf331c7b6f35e989731012b6dd30e2a8f3f406617fed8261cad7d5049cea63e91d4f6140c897fa877ea424e449d546f29c36c3c48b23162fe36ca630ee0e5350bcdfbede8469c1c4a9c431133b22ff3b1e166e93b77b3553b15d596847222b9003b6a8d2f5c1c22611eecec318bf11ba700e527834a59eecc0b60fac4e333173edee8713b6f6503eb16fa14f3b7bb0c0cef00d08ba5349796e3c6592cd772fc319312a0901e8ed1be4dee5844e844aabfd566620dbddbf0e7718ec55a5cc5137dfe27b13df1839a6163b0c0700472f15849e7616e31c0093940400feb118f00c8e95a3f77b3e333eadc6a49f784ab417d9be2629e76fd51e5e412201819288f52398a282831d39edad944ee5ba83e4d34521bdc57b0cfd6b5baed2287615ab554f444b5bdd709cdb4d03da397eefdbda8345f62df8de78267645f5b9457145bfa26e690703dbde383e0bf783ba40317e49afb3499511065e028423f0abe296c69a0dcc6ffe058a0658713b85dc5c457ba503840ad22bb5ceb0089bad491d2ea4cd1e986c9df8c2b51ec0ebdc3d2460bcea33465d294d02936bae7f76b11f5b82f8bcd6e15a13ec0f157491557139d10de002852af14d7485ec527fe5b821ca1d12d9ac2c4edf3d54a5abca9e52551a47c50c101b75e34c32724e43c812b4444420bd02202e4a69c72a4e17883131f593138e540b6ede9b43baf6009854593a705f107befdc5d214dbebf1822c1aa9371b5f83741d77c56e0e9cc149acdd24fddfe5637babb71253e24d0148f2d05deae8fd830981946900cbeb01180130424c162c96c76a1bdd5c1826bde4ce9c7666817d0ac4396aa794c5fc126fbf7122cf1b2662b227f7f9b796e143b01218d8a8abba16e4b5d806754dd2e75d86f3f4562cb06434ca2ccb23473d4ede5828f10cadb91e32490b428a522c4f0d9eb90751d9ba812cbc7eb11ac579cc1bb98b05b799866508d5c8f679e6d6fdcd8779ccad4c488d57bebb3748673ba1597a4cadb3b2c6552e1d1eccbfd0ab45718d183c807354d20c611c522fea1149e7f43c27513342ec5bc7477c3d80390e1e50061f50fc43e9755f35cf980229f7b4f1d9e0438c6c53056cc9c6c9966ab14beee12e27354300c165a11236d1cf6d315e1fce7d47c746c1bd6bb05ba4225cec6a81d126d4432d0acd74c843ed2635089cbc71cfe7f89f254e677dc3302a56c5fde71bc8a00b9523060cf9827e0aea7e07edbe672126f2ba62e7ceaf627413db116cce3d9cf06fc4cbcf95cb458b867f4c84b1ac9a8c2333c2b1af2297a688e3256c84fb2394498e7ff6eec66b01948aa191d0fbfcd4ff1a8dccd4913307b8d6d9d2f77f68765d64e93e696c00fa9f4b935bd186fd84893a8a6a182248e0f675fb5d36ea95ac5d1efda93a2e9bef691943d3240b23a7baa491313598dad218b4f9e9f446dd00b0f1fd06187d94c94e5521fd16fd6114a6889a268e1e5d2a1853370e7bc171173f17f3509f01144304966130959a87f644b81faa74495bb5fbee6c9264108917e949b6540832f095aae00f89db126fb983e3e8a72903f35d3fca5e305387b0efa78cfb108c59bf21bc72d0a72e2718238fb2aacb6b081f3f44874b3ceb9e4c84a29e71854ba0fc63cd06bb7f47b72b2ff9e15924d061b6569387af8ec0c7d921439d5fa00db759458b577f9bd306683e5882f9179ba4c28d7143fbd460ec126f87170277846b8286b7caefb28ba3297f5b133cffa3b74ee848164f87a20e4761c95357458d5f5f97bf4eaefc59d4a3b3ee961a30238c4aeafcf7d25b34fdb5a4d46713425c0b12a6edd24fffa18dcd420986baf37fff548296d5ceee9a6335ee7c5533d16ee54a0e83929fe4c23e97c6455c36b0007fac59b481be9db108ff59f2a5c471da5e5aa5adf02a83e3a7636573b0913291886bfea40af62edac766493ee329a83f2b2deb0221944e73eff413f51456b1da12b4607d9b640ede536a28f4f563ccf23cc78c70a2a719ba33558356500a21d0efd3595027989c961bfa583ac7562178bd97eb5f3034214ea8c068568204cd633de1a00b894e9b6473120d615e8ff29a09bfacfb7931ba4b92130519fa0ed116e6ef9661d927ade02893893426d2d2bae932c56794aaf1344c8a7aa58c05067814f5d88ae4bb33e78d68fd325e9d09069e9ddf65ae99a35731d2b4cf5233f7e39f02cb7dc7a5377f0a042ab6e2b5146f70e9e3ce2a21a07597e7cf28f6bf4c03b7d640848effd6df67eaf4e532f570deac6f05730864d298d4b0aa0e93e70a0aa520736a97ea1ecac0a8146770c6a9b02641ba53c5f80d1c3bec1cd1d909b7b69c55363e4920100ff507332be864e5b2fe65b906dedbf9995659aed1149fd8065df2c36add351b3a334b4edd1cb40264c1758e395fa163bf05d58e3c136e8f256c1ac7a5bd6097a90f9867e541a28117126fae22dc306cb28ca691b01c29eb0ab938f43446a62d488816b5a38b7f5a82035abcad1d487f651b588d7a9d4ba334613fc65d17136bb90d6dde17f52c02bdd15a81200a808e4a5fcbc1703b7638adc91c0f1361730a8f699169cbd1c9c8537625ca965d7a30da98796f3de3d268cbae69320a1db1d3aebcf9b112804c4cab535f958f237b59ab731bc98b0f7328fd19875c0d4563a9d05e89851121e633052d5c1e45aa978bac9802a1ab126436a904b8e88022b48270422a586205aa789d009ae8d8de2de24ea7bb4c8f62a875656f582a4ac57c8cf298b05c44a5866a36510390b3955128b29da8beff6e4f459ac0c029893f8e8c3b154f046165bbadba53472cf939fbd4779d138d8c3c038ca3db82dd4986db0ec02ca59b8713d92c27d235a9a6db505050ae0b7d15bdbd403a555cbae435a9ee8b5f638354d0cec460cc5c9ef6813862148965c4601cb29f40af81661a6e95e4f15c5d2d1ff02e10325d760788551bce9c927ebb53daa2e0bf331c8793be0b5a596e11bd8600c68d420e63c0c6a50ee61029379f3d1786c461a13bda7a3a6762d714604e28280879b79af8fcfaa6e8baebb30348e75519d9d217e8c9d5fad20685a0b2c9846036c3b782f87712a1c32a1a5801435f2151be3073411f67c8a50d4a399ca07f84d37721c474cb22bf981561a342cef03baf911f56d46e38ada42be95ab2002fc607ff7bec7b23ef713c9ac8172210dd7b1d724a0f9985761949fbd97ec03f75f121b67b198489ac1570746519cb86a026fbdf7a1aa5a076dbe68a939becd889c9c02211bfe3961a85a958e450edaf96b35ff4308b94024c5728e161acf15b1602add9b1a05da4425adb587197fe0d3949eb28d97b51aa5e2e726446a3582246c32524e409ffb9a4ec3d6075a1fb9c5ad1a3fafe81c4b0d7ea10c7e37df74f84692a3495cc326bd4fab8a1b292d5d079ae60b642c39a0c5e7da168247d1cdf1aa11d7d4ff7d28f27503bbcaeff0fe0bd66d9027210c4f284d47561e7141923d39b6dfd018008d042e3125070660327afe2add090a920820096597873eb3853f0d66eb4be7b752a08c02950b3fc0c6d2293fca10424c50b469403acece27f942687e3ba82d4f86253a40b98a394bb5fa21e669715c333cf4f28a2731d2576103c369122308dbb5935d80499283c5aec46c91f5ae2e1d97cc59911d47e33654f0552610a4777a88d3c383b907e753a7d87198f51a5347d972b1d599b7527338521026602fb0f24f885be8ec30252206dd004136f8a40b4d3ff5edab8cfd925406d19a614c74b10bb42005c25415942575c46f86ae417224cca7aefb9fe0fcff5c0a7be9303c8db22517a3c4e0aa33860b9cd81ccb05c8f764d22ba852ab0bc95f173f41b00d5e19ba793ba859b1ea3463b5a5fcfae4d6a730aaa45f964d0a42b4fb86c656b89a61b28e941452b87341fb90aa030cca7355b24ead6aef176b580dd6967b433fcabd7ad19ce2e04fe35ceb58836242dc3f4503b08a155d230353ad47595886b8a8e668ee73e04265fe4664bebd7b08904ebe3f6e9f3edf3ea4c8aa25ec89b376e15c8ee0223d9fba05432ba22d4ab19d10d2ea68634051f4eb4a06eb8dffa6b39ce29bcab91ceb540bde3bc1cd1d01d90bfabd46c49126eef3aaa379026352f7dd6df69a8b7cf19ad88cc03cd1dd6905b5d5d126ae1bdd232a4586a0a10aa0b31bb6497a5c36151fc1d093fabd0881e65633940d3de72f152c57f33dee275d6a01624627a932037165d0767a57ee29cd596b975b86bae03925e37bf659ee58bd0a94f7dc35c089c3ab12dd9a06ebf3905960498da5175c238564ec0c687f038af266cab50a775ae016762f7a66bd9d508ef30bc228ba5321e12095a138547a4269447434d5911bbd557e52d824626318c0c9efce86fa1ff6ea3d54cba90962bfe3ef4b4203ab7d9f0476f2eaf0fccbffc695c5cf1bf10cc6b347acaaddd5780024360c2b22ed799da9e56ced55fe5cdaf091d425f2eaee42b60ea2a4d4f025dd8f9e573d905615eb9db717346eb1926f8eaac687b7d35f28eec9e1e74d7555e48e889955e0b60330cb03b61f95bc5ee88c8e681f131488895813e0b95becb97336df8e7df96e0d511b0a583474e7cb69b7415833d3362f96c66ba210dba363dad80e8c9c1edacf755f9ba7ea7c0730cbe2d63ba5d8d5a185c3071d5884372781427f78ed5186c18faa9100c4293385cb815738f55e5c2365a9758d6ebb17cbfb69496c466b816c3e5645d53b9e323851e99aef19936bdf26000a79d99e7a1bfe7a735884e2d9b29237e5ceffcfb6d4d615953ef9acf2c3e9f8114d8865333c95bd416762b1fc40f0239e9f300c1fb1b84627e6964080117df0572dc546dbb705c058804805354fec891bcd5f20dc81749bcf0df77c7095b9b447dc04bd222873cc1c8ae9c5568d646c1a6b0e31ff1365b678f1fd9631aaef7bd1ee441f3b6ffaca2859223bff69946793d5aed75cc6c46df325520f1f5d00fbbf835a98c6dea9d6addbe3afc4d0082286a773ed45a918b0aa343bb8fbfefabae53b49f51cbb4b812c5198dcedf462555602da61061d7eb4d78cb6d4809beee79dceefec879d862dc77ee22762cd883620f0e55ce5e4256701a4f3014cba9222d13b2e29f7ef42e5e17724d91d2f8a39dda580c4920b755ec301fe9c3efd38f724f2367ed240c73cdf4b487007d3d95f278cb4460384ca89c8038f1d051e2210b840d78487621bfcbb5bbc285c3d66fb432f5128aaf378ceb026064a252b3a2adde77669829c6464e71210a2fa0f9930a631cc008922ef0992eca6dad11d41ac18c448e4aaff379bc2a314eb10cf54d4e7bf44427b16608b9f4d4b0d2a421fa20a38a99ffd3a5663c531b6a9250bfab712f4f20c2a366c549d3592b60fecbfd1046df5e9432938a14a0015f2bb2cc9fd7104d006530548daea4b64ad64764c7636105dc71b79545d42548524e2d1b7f83fd243d7b7f055c785fb511857f8"}) 20:38:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) [ 228.140943][ T28] audit: type=1804 audit(1593463087.848:32): pid=10043 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/93/bus" dev="sda1" ino=16117 res=1 20:38:07 executing program 2: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:08 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x400000a) 20:38:08 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x4, [@restrict={0xc}, @const, @restrict, @func, @typedef, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x94}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:08 executing program 4: syslog(0x3, &(0x7f0000000000)=""/59, 0x3b) [ 228.502931][ T28] audit: type=1804 audit(1593463088.208:33): pid=10075 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/94/file0/bus" dev="sda1" ino=16108 res=1 [ 228.545888][T10092] ptrace attach of "/root/syz-executor.0"[10091] was attempted by "/root/syz-executor.0"[10092] [ 228.589200][T10041] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 796157294)! [ 228.600793][T10041] EXT4-fs (loop5): group descriptors corrupted! 20:38:10 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(0x0, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000001180)='threaded\x00', 0xfc9a) lseek(r0, 0x0, 0x4) 20:38:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:10 executing program 2: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:10 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x4a}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r3, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x1, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@ipv4_newaddr={0x28, 0x14, 0x121, 0x0, 0x0, {0x2, 0x1, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @multicast2}, @IFA_BROADCAST={0x8, 0x4, @broadcast}]}, 0x28}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_deladdr={0x18, 0x15, 0x200, 0x0, 0x3, {0x2, 0x0, 0x0, 0xfe, r3}}, 0x18}}, 0x40) openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x80000, 0x0) 20:38:10 executing program 5: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$P9_RLERRORu(r0, &(0x7f0000000080)={0xf, 0x7, 0x0, {{0x2, '$&'}}}, 0xf) creat(&(0x7f0000000000)='./bus\x00', 0x0) 20:38:11 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000040)={'team_slave_0\x00', @random="dbdb28daee00"}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000100001040000fb0122be000000000000", @ANYRES32=r1, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580080022"], 0x44}}, 0x0) [ 231.291230][T10120] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 20:38:11 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="dc72d6128eaba68be112b6449c552e805421f8ac4e63a66255f9f46d302c1f325d1901055f7f967214b33528dd8ed3541d8ec393960946a515e90bd343be", @ANYBLOB="e13990e00e4cd54db217ce05bd6cb19ebdc184d3cd1ffafa5de8ad8418e40ef31ec4e9a87ac4e25998be9f1b3dd94fed3196379131326bc405657a0321221f"], 0x2) r0 = socket(0x11, 0x800000003, 0x8) bind(r0, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r1, 0x4b45, &(0x7f0000000100)) ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000000)) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180)='nl80211\x00') setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xeb}]}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfed4, 0x20c49a, 0x0, 0x27) r3 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0xb, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) listen(0xffffffffffffffff, 0x8) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = fcntl$dupfd(r3, 0x0, r4) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000980)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980700009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000008800000000000002726f7365300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000fb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000030000000700000000000000000000000000000048004354000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa00000000400000000000000000000000000100000000000000000000000000000000ee00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000500000000000400000000000000000000000000000070009000000000000000000000000000000000000000010020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) 20:38:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 231.389743][ T28] audit: type=1804 audit(1593463091.098:34): pid=10115 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/95/file0/bus" dev="sda1" ino=15749 res=1 [ 231.424962][T10125] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 20:38:11 executing program 2: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:11 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r4, 0xaeb7, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, 0x0) 20:38:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x4008ae8a, &(0x7f0000001980)) 20:38:11 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(0x0, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0xaeb7, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) [ 231.740192][ T28] audit: type=1804 audit(1593463091.448:35): pid=10162 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/96/file0/bus" dev="sda1" ino=16137 res=1 [ 231.822934][T10144] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables 20:38:11 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c) sendmmsg(r2, &(0x7f0000006d00)=[{{0x0, 0x1002000, 0x0, 0x0, 0x0, 0x0, 0x5000000}}], 0xc6, 0x0) 20:38:11 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:11 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(0x0, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) [ 232.224980][ T28] audit: type=1804 audit(1593463091.928:36): pid=10194 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/97/bus" dev="sda1" ino=16029 res=1 20:38:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0xbf17845b73884bd4) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) 20:38:12 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x3, [@restrict, @const, @restrict, @func]}, {0x0, [0x0]}}, 0x0, 0x4b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:12 executing program 3: mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb9a5749b9a373000) 20:38:12 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) [ 233.141671][T10225] ptrace attach of "/root/syz-executor.4"[10220] was attempted by "/root/syz-executor.4"[10225] [ 233.158509][T10217] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) dup(0xffffffffffffffff) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000001980)) socket$inet_udplite(0x2, 0x2, 0x88) 20:38:12 executing program 3: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)) r1 = syz_open_pts(r0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = dup2(r1, r2) ioctl$TCXONC(r3, 0x540a, 0x0) 20:38:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 233.192071][ T28] audit: type=1804 audit(1593463092.898:37): pid=10219 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/98/bus" dev="sda1" ino=16150 res=1 20:38:13 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 233.477557][ T28] audit: type=1804 audit(1593463093.188:38): pid=10252 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/99/bus" dev="sda1" ino=16132 res=1 20:38:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) 20:38:13 executing program 3: clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x1d0, 0xc8, 0x0, 0x1d0, 0x5803, 0x2a8, 0x2e8, 0x2e8, 0x2a8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'bridge0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1d0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0, 'string\x00'}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x2}, 0x4}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ipv6={@ipv4={[], [], @remote}, @loopback, [], [], 'veth0_to_team\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0) 20:38:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:13 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:13 executing program 3: creat(&(0x7f0000000000)='./bus\x00', 0x0) mkdir(&(0x7f0000000200)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='overlay\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB=',lowerdir=.:file0']) chdir(&(0x7f0000000080)='./file0\x00') open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0) [ 233.688511][T10259] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 233.700927][T10270] xt_socket: unknown flags 0x4 20:38:13 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 233.743789][T10272] FAT-fs (loop2): bogus number of reserved sectors [ 233.819210][T10272] FAT-fs (loop2): Can't find a valid FAT filesystem [ 233.880870][ T28] audit: type=1804 audit(1593463093.588:39): pid=10282 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/100/file0/bus" dev="sda1" ino=16029 res=1 20:38:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:13 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x15, 0x10, 0x3}, 0x3c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r0, 0x28, &(0x7f00000001c0)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={r1}, 0xc) 20:38:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:13 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x6) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/config\x00') sendfile(r0, r1, &(0x7f0000000240)=0xe300, 0x4000000000dc) [ 234.203903][T10306] FAT-fs (loop2): bogus number of reserved sectors 20:38:14 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'vlan0\x00'}) [ 234.260981][ T28] audit: type=1804 audit(1593463093.968:40): pid=10316 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/101/file0/bus" dev="sda1" ino=16156 res=1 [ 234.286671][T10306] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:14 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 234.340952][T10318] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:14 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x4, [@restrict, @const={0x3}, @restrict, @func, @typedef]}, {0x0, [0x0, 0x0]}}, 0x0, 0x58}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:38:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4}]}) 20:38:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000980)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 234.555961][T10344] ptrace attach of "/root/syz-executor.3"[10342] was attempted by "/root/syz-executor.3"[10344] [ 234.614584][T10346] FAT-fs (loop2): bogus number of reserved sectors [ 234.644461][T10346] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 234.692367][ T28] audit: type=1804 audit(1593463094.398:41): pid=10346 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/102/file0/bus" dev="sda1" ino=16168 res=1 20:38:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:14 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x4c, 0x0, 0x0, 0x0, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_ELP_INTERVAL={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x20000801) 20:38:14 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x40000000003, 0x4, 0x4, 0x7cb, 0x0, 0xffffffffffffff9c}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) close(r0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x0, 0x0) poll(&(0x7f0000000280), 0x200000000000007a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) fstat(r5, &(0x7f0000000100)) setresuid(0x0, r4, 0x0) r6 = socket(0x0, 0x6, 0x0) sendmsg$unix(r6, &(0x7f00000004c0)={&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000000)='i', 0x1}, {&(0x7f00000007c0)="8822561d31332f2a67f04a1cfb2ca72abe9c01476015fcc0d87430bd01a2ee46613e959aa83d441bb6fb7a2666ae7f9c78f6b67d112c00bcfd7ad7eb1cd074482476297f2a2ec2d0a7332e9a5a9598a330919d663c8242c617f4dee82ffb851b928cf23beb9f5c16f9af", 0x6a}, {0x0}, {&(0x7f00000008c0)="1181f78089604ef29a1a8e0f5d58277b8e819b95c363f38adc53f2a4a5f4b6e59657995022122eed1f71e1355d1c1169ee4e9c921c68d89aef9d95a6d5574a15ea705356723a8e772b4972890b0ab231", 0x50}, {&(0x7f0000000940)="33f7343356041cea0b42a7ebd0349ae1cf4fd9820d868e9a335a2537f03219b5d49420d28fa18361feab631248220ae561abfb2ec8a10189fcdb17b6df3689c15330744680915cb441b9d608b4dfa742f3fe8555", 0x54}, {&(0x7f00000009c0)="b5f500abac85da78b2f78de41194005cdbd69ef255e90633ad6a3d8df9d61c88ce00e1c33945a2e797f7a8e78a004449000fce3f17fa461bc5f725f6a2899148895bf45664d5d5c1b2265a279332d6f47292be1e75068a5066d6f513c2d1c253967a14be03840ca5b611cc9807a24564fa55da54f2ac466fcbc10daf7785e6c47d8d13c6939f70821070d5512f93c06579442a52c72b52404c7bb1f1355c2844a48fb0e4138e66b7920154240d71c8cd83c3e24a78af16848e631e0016e34d345c2c8a66791d1698d68e8d1c81878f37680cb43d41be4cbfb1e4d6220a145ca8bb8deefce5d798d6", 0xe8}, {&(0x7f0000000ac0)='\n', 0x1}], 0x7, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x40}, 0x0) quotactl(0x81, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000040)="c7286272965a49f4c3d9b80917d936515e6b") r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') sendfile(r1, r7, 0x0, 0x800000080004103) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) 20:38:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 234.964000][T10373] FAT-fs (loop2): bogus number of reserved sectors [ 234.965376][T10376] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:14 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 235.026180][T10373] FAT-fs (loop2): Can't find a valid FAT filesystem [ 235.041239][ T28] audit: type=1804 audit(1593463094.748:42): pid=10386 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/103/file0/bus" dev="sda1" ino=16132 res=1 20:38:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:14 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:14 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$inet_int(r2, 0x0, 0x13, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 20:38:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:15 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x400000a) [ 235.311250][T10402] FAT-fs (loop2): bogus number of reserved sectors [ 235.311260][T10402] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:15 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 235.372502][ T28] audit: type=1804 audit(1593463095.078:43): pid=10402 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/104/file0/bus" dev="sda1" ino=16150 res=1 20:38:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:15 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:15 executing program 3: r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000001180)='threaded\x00', 0xfc9a) fallocate(r0, 0x11, 0x0, 0x8) [ 235.479032][T10412] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 235.614006][T10426] FAT-fs (loop2): bogus number of reserved sectors [ 235.614018][T10426] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:16 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x40000000003, 0x4, 0x4, 0x7cb, 0x0, 0xffffffffffffff9c}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) close(r0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x0, 0x0) poll(&(0x7f0000000280), 0x200000000000007a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) fstat(r5, &(0x7f0000000100)) setresuid(0x0, r4, 0x0) r6 = socket(0x0, 0x6, 0x0) sendmsg$unix(r6, &(0x7f00000004c0)={&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000000)='i', 0x1}, {&(0x7f00000007c0)="8822561d31332f2a67f04a1cfb2ca72abe9c01476015fcc0d87430bd01a2ee46613e959aa83d441bb6fb7a2666ae7f9c78f6b67d112c00bcfd7ad7eb1cd074482476297f2a2ec2d0a7332e9a5a9598a330919d663c8242c617f4dee82ffb851b928cf23beb9f5c16f9af", 0x6a}, {0x0}, {&(0x7f00000008c0)="1181f78089604ef29a1a8e0f5d58277b8e819b95c363f38adc53f2a4a5f4b6e59657995022122eed1f71e1355d1c1169ee4e9c921c68d89aef9d95a6d5574a15ea705356723a8e772b4972890b0ab231", 0x50}, {&(0x7f0000000940)="33f7343356041cea0b42a7ebd0349ae1cf4fd9820d868e9a335a2537f03219b5d49420d28fa18361feab631248220ae561abfb2ec8a10189fcdb17b6df3689c15330744680915cb441b9d608b4dfa742f3fe8555", 0x54}, {&(0x7f00000009c0)="b5f500abac85da78b2f78de41194005cdbd69ef255e90633ad6a3d8df9d61c88ce00e1c33945a2e797f7a8e78a004449000fce3f17fa461bc5f725f6a2899148895bf45664d5d5c1b2265a279332d6f47292be1e75068a5066d6f513c2d1c253967a14be03840ca5b611cc9807a24564fa55da54f2ac466fcbc10daf7785e6c47d8d13c6939f70821070d5512f93c06579442a52c72b52404c7bb1f1355c2844a48fb0e4138e66b7920154240d71c8cd83c3e24a78af16848e631e0016e34d345c2c8a66791d1698d68e8d1c81878f37680cb43d41be4cbfb1e4d6220a145ca8bb8deefce5d798d6", 0xe8}, {&(0x7f0000000ac0)='\n', 0x1}], 0x7, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x40}, 0x0) quotactl(0x81, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000040)="c7286272965a49f4c3d9b80917d936515e6b") r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') sendfile(r1, r7, 0x0, 0x800000080004103) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) 20:38:16 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:16 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x1}, 0x8) connect$inet6(r0, &(0x7f00000007c0)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x400000a) 20:38:16 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) 20:38:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 236.413146][T10451] FAT-fs (loop2): bogus number of reserved sectors [ 236.424934][T10451] FAT-fs (loop2): Can't find a valid FAT filesystem [ 236.459407][T10452] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 236.494875][ T28] kauditd_printk_skb: 1 callbacks suppressed 20:38:16 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 236.494885][ T28] audit: type=1804 audit(1593463096.198:45): pid=10451 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/106/file0/bus" dev="sda1" ino=16194 res=1 20:38:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:16 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) 20:38:16 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x40000000003, 0x4, 0x4, 0x7cb, 0x0, 0xffffffffffffff9c}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) close(r0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x0, 0x0) poll(&(0x7f0000000280), 0x200000000000007a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) fstat(r5, &(0x7f0000000100)) setresuid(0x0, r4, 0x0) r6 = socket(0x0, 0x6, 0x0) sendmsg$unix(r6, &(0x7f00000004c0)={&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000000)='i', 0x1}, {&(0x7f00000007c0)="8822561d31332f2a67f04a1cfb2ca72abe9c01476015fcc0d87430bd01a2ee46613e959aa83d441bb6fb7a2666ae7f9c78f6b67d112c00bcfd7ad7eb1cd074482476297f2a2ec2d0a7332e9a5a9598a330919d663c8242c617f4dee82ffb851b928cf23beb9f5c16f9af", 0x6a}, {0x0}, {&(0x7f00000008c0)="1181f78089604ef29a1a8e0f5d58277b8e819b95c363f38adc53f2a4a5f4b6e59657995022122eed1f71e1355d1c1169ee4e9c921c68d89aef9d95a6d5574a15ea705356723a8e772b4972890b0ab231", 0x50}, {&(0x7f0000000940)="33f7343356041cea0b42a7ebd0349ae1cf4fd9820d868e9a335a2537f03219b5d49420d28fa18361feab631248220ae561abfb2ec8a10189fcdb17b6df3689c15330744680915cb441b9d608b4dfa742f3fe8555", 0x54}, {&(0x7f00000009c0)="b5f500abac85da78b2f78de41194005cdbd69ef255e90633ad6a3d8df9d61c88ce00e1c33945a2e797f7a8e78a004449000fce3f17fa461bc5f725f6a2899148895bf45664d5d5c1b2265a279332d6f47292be1e75068a5066d6f513c2d1c253967a14be03840ca5b611cc9807a24564fa55da54f2ac466fcbc10daf7785e6c47d8d13c6939f70821070d5512f93c06579442a52c72b52404c7bb1f1355c2844a48fb0e4138e66b7920154240d71c8cd83c3e24a78af16848e631e0016e34d345c2c8a66791d1698d68e8d1c81878f37680cb43d41be4cbfb1e4d6220a145ca8bb8deefce5d798d6", 0xe8}, {&(0x7f0000000ac0)='\n', 0x1}], 0x7, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x40}, 0x0) quotactl(0x81, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000040)="c7286272965a49f4c3d9b80917d936515e6b") r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') sendfile(r1, r7, 0x0, 0x800000080004103) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) 20:38:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:16 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 236.845449][T10478] FAT-fs (loop2): bogus number of reserved sectors [ 236.845459][T10478] FAT-fs (loop2): Can't find a valid FAT filesystem [ 236.897860][ T28] audit: type=1804 audit(1593463096.608:46): pid=10478 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/107/file0/bus" dev="sda1" ino=16191 res=1 [ 236.956095][T10489] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:17 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x40000000003, 0x4, 0x4, 0x7cb, 0x0, 0xffffffffffffff9c}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) close(r0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x0, 0x0) poll(&(0x7f0000000280), 0x200000000000007a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) fstat(r5, &(0x7f0000000100)) setresuid(0x0, r4, 0x0) r6 = socket(0x0, 0x6, 0x0) sendmsg$unix(r6, &(0x7f00000004c0)={&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000000)='i', 0x1}, {&(0x7f00000007c0)="8822561d31332f2a67f04a1cfb2ca72abe9c01476015fcc0d87430bd01a2ee46613e959aa83d441bb6fb7a2666ae7f9c78f6b67d112c00bcfd7ad7eb1cd074482476297f2a2ec2d0a7332e9a5a9598a330919d663c8242c617f4dee82ffb851b928cf23beb9f5c16f9af", 0x6a}, {0x0}, {&(0x7f00000008c0)="1181f78089604ef29a1a8e0f5d58277b8e819b95c363f38adc53f2a4a5f4b6e59657995022122eed1f71e1355d1c1169ee4e9c921c68d89aef9d95a6d5574a15ea705356723a8e772b4972890b0ab231", 0x50}, {&(0x7f0000000940)="33f7343356041cea0b42a7ebd0349ae1cf4fd9820d868e9a335a2537f03219b5d49420d28fa18361feab631248220ae561abfb2ec8a10189fcdb17b6df3689c15330744680915cb441b9d608b4dfa742f3fe8555", 0x54}, {&(0x7f00000009c0)="b5f500abac85da78b2f78de41194005cdbd69ef255e90633ad6a3d8df9d61c88ce00e1c33945a2e797f7a8e78a004449000fce3f17fa461bc5f725f6a2899148895bf45664d5d5c1b2265a279332d6f47292be1e75068a5066d6f513c2d1c253967a14be03840ca5b611cc9807a24564fa55da54f2ac466fcbc10daf7785e6c47d8d13c6939f70821070d5512f93c06579442a52c72b52404c7bb1f1355c2844a48fb0e4138e66b7920154240d71c8cd83c3e24a78af16848e631e0016e34d345c2c8a66791d1698d68e8d1c81878f37680cb43d41be4cbfb1e4d6220a145ca8bb8deefce5d798d6", 0xe8}, {&(0x7f0000000ac0)='\n', 0x1}], 0x7, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x40}, 0x0) quotactl(0x81, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000040)="c7286272965a49f4c3d9b80917d936515e6b") r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') sendfile(r1, r7, 0x0, 0x800000080004103) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) 20:38:17 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000040), 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:17 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) 20:38:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:17 executing program 3: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0xfffffffffffffd0b}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x7, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x7) 20:38:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:17 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$inet(r1, &(0x7f0000002300)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f0000002240)=[{&(0x7f00000000c0)='n5', 0x2}], 0x1, &(0x7f0000002280)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}], 0x18}, 0x0) [ 238.019762][T10511] FAT-fs (loop2): bogus number of reserved sectors [ 238.031115][T10515] ptrace attach of "/root/syz-executor.3"[10512] was attempted by "/root/syz-executor.3"[10515] 20:38:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 238.094844][T10511] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:17 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$sock(r0, &(0x7f00000001c0)=[{{&(0x7f0000000040)=@un=@file={0x0, './file0\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000180)=[@timestamping={{0x14, 0x1, 0x25, 0x154}}], 0x18}}], 0x1, 0x0) [ 238.153741][T10513] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 238.180438][ T28] audit: type=1804 audit(1593463097.888:47): pid=10523 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/108/bus" dev="sda1" ino=16201 res=1 20:38:17 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:19 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x40000000003, 0x4, 0x4, 0x7cb, 0x0, 0xffffffffffffff9c}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) close(r0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x0, 0x0) poll(&(0x7f0000000280), 0x200000000000007a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) fstat(r5, &(0x7f0000000100)) setresuid(0x0, r4, 0x0) r6 = socket(0x0, 0x6, 0x0) sendmsg$unix(r6, &(0x7f00000004c0)={&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000000)='i', 0x1}, {&(0x7f00000007c0)="8822561d31332f2a67f04a1cfb2ca72abe9c01476015fcc0d87430bd01a2ee46613e959aa83d441bb6fb7a2666ae7f9c78f6b67d112c00bcfd7ad7eb1cd074482476297f2a2ec2d0a7332e9a5a9598a330919d663c8242c617f4dee82ffb851b928cf23beb9f5c16f9af", 0x6a}, {0x0}, {&(0x7f00000008c0)="1181f78089604ef29a1a8e0f5d58277b8e819b95c363f38adc53f2a4a5f4b6e59657995022122eed1f71e1355d1c1169ee4e9c921c68d89aef9d95a6d5574a15ea705356723a8e772b4972890b0ab231", 0x50}, {&(0x7f0000000940)="33f7343356041cea0b42a7ebd0349ae1cf4fd9820d868e9a335a2537f03219b5d49420d28fa18361feab631248220ae561abfb2ec8a10189fcdb17b6df3689c15330744680915cb441b9d608b4dfa742f3fe8555", 0x54}, {&(0x7f00000009c0)="b5f500abac85da78b2f78de41194005cdbd69ef255e90633ad6a3d8df9d61c88ce00e1c33945a2e797f7a8e78a004449000fce3f17fa461bc5f725f6a2899148895bf45664d5d5c1b2265a279332d6f47292be1e75068a5066d6f513c2d1c253967a14be03840ca5b611cc9807a24564fa55da54f2ac466fcbc10daf7785e6c47d8d13c6939f70821070d5512f93c06579442a52c72b52404c7bb1f1355c2844a48fb0e4138e66b7920154240d71c8cd83c3e24a78af16848e631e0016e34d345c2c8a66791d1698d68e8d1c81878f37680cb43d41be4cbfb1e4d6220a145ca8bb8deefce5d798d6", 0xe8}, {&(0x7f0000000ac0)='\n', 0x1}], 0x7, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x40}, 0x0) quotactl(0x81, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000040)="c7286272965a49f4c3d9b80917d936515e6b") r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') sendfile(r1, r7, 0x0, 0x800000080004103) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) 20:38:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:19 executing program 3: sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000010001fff0000268f1c872d2b01000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e0000000400028008000a0036459cdb26cd03ccb7e638a66c866a951362d3fa985503f8f4"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x6e800500) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) open(0x0, 0x100, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0) 20:38:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:19 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 239.529316][T10563] FAT-fs (loop2): bogus number of reserved sectors [ 239.544975][T10561] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 239.566374][T10563] FAT-fs (loop2): Can't find a valid FAT filesystem [ 239.633748][ T28] audit: type=1804 audit(1593463099.338:48): pid=10563 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/109/file0/bus" dev="sda1" ino=16217 res=1 20:38:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 239.875891][T10565] device vxlan0 entered promiscuous mode 20:38:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 239.899854][T10588] FAT-fs (loop2): bogus number of reserved sectors 20:38:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 239.899864][T10588] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 239.918730][ T28] audit: type=1804 audit(1593463099.628:49): pid=10588 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/110/file0/bus" dev="sda1" ino=16232 res=1 [ 240.059217][ T28] audit: type=1804 audit(1593463099.768:50): pid=10594 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/111/bus" dev="sda1" ino=16232 res=1 [ 240.162717][T10596] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 240.662346][T10571] device vxlan0 entered promiscuous mode [ 240.912639][T10565] syz-executor.3 (10565) used greatest stack depth: 23264 bytes left 20:38:21 executing program 5: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) shutdown(r2, 0x1) dup2(r2, r1) splice(r1, 0x0, r0, 0x0, 0x7fffffff, 0x0) 20:38:21 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:21 executing program 3: setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x2) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x4b45, &(0x7f0000000100)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x0, &(0x7f0000000100)}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfed4, 0x20c49a, 0x0, 0x27) r1 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0xb, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) listen(0xffffffffffffffff, 0x8) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000980)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980700009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000008800000000000002726f7365300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000fb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000030000000700000000000000000000000000000048004354000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa00000000400000000000000000000000000100000000000000000000000000000000ee00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000500000000000400000000000000000000000000000070009000000000000000000000000000000000000000010020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) 20:38:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 5: mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) clone(0x180000105, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='afs\x00', 0x0, &(0x7f0000000040)='dg\xe7\xf7)W\x10\xb2\x94\xde\n\x98\xa2\x9a\'\x038P\xdeO\x1c\xf8\x95\xad\v\xe1\x91\xd45\x93\xa9\xc7}=\xfd\xb8\xb2O\xf2\xa7\x10H\"\x0f\xf4\xec<\xb4\xee\x04G\xa8\xed\x82\x8d') 20:38:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 241.440871][T10631] FAT-fs (loop2): bogus number of reserved sectors [ 241.447469][T10631] FAT-fs (loop2): Can't find a valid FAT filesystem [ 241.469409][T10628] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:21 executing program 1: mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 241.531614][ T28] audit: type=1804 audit(1593463101.238:51): pid=10640 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/112/file0/bus" dev="sda1" ino=16196 res=1 20:38:21 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 241.655933][T10650] afs: Unknown parameter 'dgç÷)W²”Þ [ 241.655933][T10650] ˜¢š'8PÞOø•­ á‘Ô5“©Ç}' 20:38:21 executing program 1: mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 241.711977][T10654] afs: Unknown parameter 'dgç÷)W²”Þ [ 241.711977][T10654] ˜¢š'8PÞOø•­ á‘Ô5“©Ç}' 20:38:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @cfhsi={{0xa, 0x1, 'cfhsi\x00'}, {0x14, 0x2, 0x0, 0x1, [@__IFLA_CAIF_HSI_HEAD_ALIGN={0x8}, @__IFLA_CAIF_HSI_QLOW_WATERMARK={0x8}]}}}]}, 0x44}}, 0x0) [ 241.836184][T10659] FAT-fs (loop2): bogus number of reserved sectors [ 241.900313][T10659] FAT-fs (loop2): Can't find a valid FAT filesystem [ 241.963791][T10667] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 241.966591][ T28] audit: type=1804 audit(1593463101.668:52): pid=10668 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/113/file0/bus" dev="sda1" ino=16252 res=1 20:38:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) setrlimit(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:21 executing program 1: mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 242.023532][T10671] caif_hsicaif_hsi_newlink: failed to get the cfhsi_ops [ 242.074005][T10676] caif_hsicaif_hsi_newlink: failed to get the cfhsi_ops 20:38:22 executing program 3: open$dir(&(0x7f0000000000)='./file0\x00', 0x2088611, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000013000/0x4000)=nil, 0x4000, 0x5, 0x10, r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 20:38:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:22 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0xd, 0x0, &(0x7f0000000080)) 20:38:22 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:22 executing program 1: mkdir(0x0, 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:22 executing program 3: open$dir(&(0x7f0000000000)='./file0\x00', 0x2088611, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000013000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) [ 242.996088][T10701] FAT-fs (loop2): bogus number of reserved sectors [ 243.010883][T10701] FAT-fs (loop2): Can't find a valid FAT filesystem [ 243.023794][T10699] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:22 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1", 0x25, 0x0, 0x0, 0x0) [ 243.095185][ T28] audit: type=1804 audit(1593463102.798:53): pid=10701 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/114/file0/bus" dev="sda1" ino=16190 res=1 20:38:22 executing program 1: mkdir(0x0, 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:22 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400", 0xc}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setrlimit(0x0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 20:38:23 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000001c00810e000f80ecdb4cb9020200000001000000810040fb12000100040fda1b6d090c0000000000000f", 0x2e}], 0x1, 0x0, 0x0, 0x10}, 0x0) 20:38:23 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f00000005c0)=[{0x0, 0x0, 0x9165a000, 0x3e0000}], 0x0) 20:38:23 executing program 5: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x4f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x400086) 20:38:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 243.368402][T10735] FAT-fs (loop2): bogus number of reserved sectors [ 243.388830][T10735] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:23 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x3) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6400c346702cfc74c7c612305e3460cc"}, 0x20000000, 0x0, 0xffffffff}}}, 0x90) semtimedop(0x0, &(0x7f0000000200)=[{0x2, 0xfe00}], 0x1, &(0x7f0000000240)) 20:38:23 executing program 1: mkdir(0x0, 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 243.523752][ T28] audit: type=1804 audit(1593463103.228:54): pid=10743 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/115/bus" dev="sda1" ino=16236 res=1 [ 243.581384][T10751] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400", 0xc}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:23 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f00000005c0)=[{0x0, 0x0, 0x9165a000, 0x3e0000}], 0x0) 20:38:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, r1, 0x40b}, 0x14}}, 0x0) 20:38:23 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 243.853954][T10769] FAT-fs (loop2): bogus number of reserved sectors [ 243.870663][T10769] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:23 executing program 3: bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0xf8, 0x6, @local}, 0x14) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000003280)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001c00)={0x0, @broadcast, @initdev}, &(0x7f0000001c40)=0xc) sendmmsg(r0, &(0x7f0000002fc0)=[{{&(0x7f0000000040)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000001c0)=[{&(0x7f00000000c0)="9e53f4ccaba87c504e36818177c5833738569b42381d6177203e2cb66d691190b5a3d08bc6e2f77a0700000000000000beecee7e7bba0b32b8221bb02f987d5e38c450ea0697c1ece0", 0x49}, {&(0x7f0000000240)="94660bfef83d639b65c06d11bc7d49fe887eec1632ff82201d4e1b53b87d0f7bedbe9a1a81cef33e61e06c38b3dfeca3501cb3ad6f90b9d71ec397c226545e825fec3cb2f40f8a3c6e94706d7e912bd3049efa7c6d3ed75a79526b189e7837829d4c8f5a8a95a981c868911078bfb85942ab985223d988302acb56b6fed902283d1ad3ead1181c535351e11765b06230a6766402fbf15727ef5050301141047c085a7ad1ac9b57095c3f5caef4a084d604537aaa501dbcd73b7a8320d50147355c9ee384378fb3b9ae901f9ad8c0c5337147dcd76e06a6d3d58ffe53b14fc035559cb97662afb6ccb30cabc022c4c17e6faa432d5a1277f421243245814adb49109971b0cdba8bb4a24dad697495c4f5bfa02792155e58f58f8489331bd562290ff3be8fb37d366d35147184da543093e4fb8a0c97f6ae91173f60be54530bee396ba422cc3504f124ee81c6da12957cf874b47aab3b808ed11b8c7777a38013896bfe6b01a6bd4dec987c3eff7dbf438006acfc8e046847d9e4719f4c69bddff0c208abd01d081f3edaceba09152242a01dcbf6fdd603a9dc5957c83f45b5c2cebaa12a7c89cb9d2eb2457a7bb50a1a8657ac7cd8b3bc578663a7abffcc3fd6875f0da183f4b88792413e5465adbd45f3c965d923b60f3edfb7a3ef30b3b25acb1485a9e6f83b7d2d8f4ba2d79e0cc3da6efb109483240c298f717e30cde08ff0374e10f22f7c31294c6835bc32fc9b7269e20f04c287375c1f9dfba0f6163cba43d85fe8b0a19012f1fca971488ccf93208473328409fc4f2c8f0b8a15350cbdeb2a49f98675294b227118de70033a86b6c9dde71d1f0a89e55b616439602ae20372adb80ed6e54e3e2c49f5c0a109917681306a83c6da9b08eb35bc0ff8ac011b212dca8243c928461d247e380c0dfca470773c89f426e3d59cf40f6898822fdcd0bf058812713d4dc6d6596b18ba61c9370e6953e345f099cbe3f3b237a76716b23711823485c018741f6bb72581821fb2317a0b25e353e8f83d2e67d6fa60c7b337f13f09628fc1cf099f93e458d02f16819a3e1f2acd7dbf5de4db1b141e5440a8abec8d804b863e651eb5a4e4e26be19f2eaf07b8acad6c3d360367593955ed1a9eb87c35c87cb976bb65298784971a46668f8477201145adf9327ee26c4c97e623e850bc09fbedb2cf4b94a5b60018845c707a974e7d68f362b9b914d4f867979773d1c157364ecff7292f20cb0995880b11046669d871481e57eab0fd500534aea1f1fcee0d8cc689eca3dca88c27b82478135a08880472778a264579a1c63cac407b1815649b7706a5e490f6e4577bfa8516e38dcac43d79da7fa226603438b426a1d0dd6cd8cb60b2f5b8ad1313403c7aca0e6a31b7c088289716448aca834e832b63bd21a3015251aa76182bbdb10df4e8e5bbe7890f4e5555b212715a920a66dc4edd12f73b12eef5a16ccbd1185b684313e3f2323d325e8b2b44ef0c6594e63699faea01d2ebf4495b229f2f10d0aef65bed6c6bea2a6ebff49c0941013ea10cb1066bb31c4c05f65951685d2b6a47f57a4c7a7a1d7fb0da84dc05110bb3d9a2a4e3b6b224255f552c7db7076c591eaa2ee0f531eec50e65ea63a3697e39ada117586581e391ab277ed182c337b8b79e40297e1816dbbff960c8d2d5213e99a25e7d7aa1e3e27bc5adfb437eae59cc4a04fd70c600b067cfc7946991108ad16a6522ba13bafe1be31118a7919ebc7b003dd8c9a194da595ef6d3ce41ddc27f43f254875536f8943694bbb402060c43a90e385915b26aead3d953e8eac3391f66263282bde37a6710b67b4a80c4e6eeabcce7a8f6eaed4a965cb81e03e29a90ed042c57119df558e00e4af7208771b9ca8a82f2283039c1eeaa22d6d62050da10851dbc750b7d0ec68f24b28adc3f5ecbda2fc6c898f8671914ae91100917f7c840008ae098d22494bcefbea43fbabb914e5150f3e9288db88e826ad2a624d55473ab9a6bed54ef96e9817deacf0ebd24c1289d137b15108d94cb6869e6200974a73c1630e8626f64af61e1563292b930f0dce56e049d9c8f9aa563da16212b8ea23a4c3fbd29e0889ad12af19d218f38d43d93023211e9cce1611ddb3f40ad77ef4a658f2b817d360683fb876556d6da4c7a59faccc01fd9b03582f0af47875cbf73d4d01c574f7bcabdab64e5485003f3f0f7c037bdf9093616af8335ea88bf8939c073579de3024370cb5f3f5d659e5735e4179ac68c6e2499157a6f0a9c1d87ab26f47a81e43807d5e087e41539c0cc6da7cbc361d3c1d9017f4595421bada9ec2601db87ee0986e07faa6b725b0bab3333c812f75e4fd9acfc243926f1558b395222dedd72e8db2db17ba3541a3141df1785965b13e332f3c27f29701b6f2b2ddcba60800b69defc2894d32e1583c022b633b0983df441b473ec0a0b345d14a68e0a9363f2c80c52adcf3334cc5a6f976c3b05cc8fcaeb3e3aa82a4ac3a6903abf7794dd39679d63255594f6deeea16e637c6bea7adefed9581cc6fef83457c71b3cdc4886cdd5f3b3304a7b928c5a2f39d5818427160f334fbbefb6b3b525ae04b2be52a10b21dea74e3fb0ebc59852db544db0fbd9d612b1a921bea057f3df8a1a102efd212ad89b1c87b3b4ab56e1c1d85e6554bd8bf0c0a3c1047c5ff34e2a8a462a728a3c2381432c84eee89451e211ef251d4bc2a5e36245fc5f5f380345d0bd6bd76c9ad0cd8495f3f07bd77d61835ca0cc1c0bb104d2cb7d65a04efe542203a422a308e57e9fbe873cf59ef1f675b3c89a2017700c32abcbf656844a034f05d42df9e30059b3a6c69d83ae649a7833211c814a772453f309893f0509035a8ff462794b69280ab7e86e85cf2e4e3a8ca56bcd3206cc0c759e6a862bb79e4bdedb4f2a40df2f8bae7f2fe9113d351fd979d7207339cdc952760934c6a66ef7ff610dc1e83924ecdd7eee87f3b9b037c4a81e826c3fbae78fed28da0ffde206d6cbe6025dd19a17fff798edd14dda57db3008ad56acc94b640e0f731f2bb2de30aee11e7b3654a5eb11077050ea0e61474033a9a1eca6b72eb444772155c43aaed22860bb8d0422bfaa9bb7941c1bdf974ad9fb06b04b3c8e32107826fd72dc0440d8d3f2eb39e8e8043e310df6ca1884d666fca4872b14e1da35e5e1c4f3d1fca1d22000971a78a407d7a289b7131646642407a6df2493da981b28bd01877955a509f7aefcf2c8a80d3acb1e1c8e99b6a2d8946d0ee8517bd2579ab3ace8aeba980f4ac95b9aa03a8b222aa8e1ea4fe41bcf90dfb3cc3a96e3dc438fa048c983cc41e472200801fe1ed079cb33e274c48f2cf80023e24f36a1257fc2b2304514fd0fbce691944edd6ddcc94873794ef151aae5dbb6ee6016f82cf0b5ed89b69f61fddda00adc13c7f69b69a35900336357c5f052caf2445c9fc72c1e559dcdb4e84b5587493be668197adccafca912ebaaacfe736d3626e160018f971f372c0d946b04d3a1cdd2ef43de6659e8d6d14259fd63c3b28ffaec6464318038801042f661a21f26cb5798cfc2c937c4d6e2f719ec94c5e4f95f74046610a6ce88d1811dd0bed87364b986cb13f3a61f84e31921c215a9b3cebd450dae89ca733f923ed846e079ebada7d9b8c7f58ca9219c7755b827bad68d456c31e1a675ac30f0231215b2903966720034668aa729187bea9f4d8c5b9774fc0a885dd582ce8d716826087762282d9a37a526f5ad10edbdea80ca42c2b39d09ed47f30781e7be5829417beac40b419cdf45e13d2eea0d6330778271166dd32e89d02a6110125000957019ad2a77b6d0c24a27bae6cf8c6176d26bb7944130cad490f489daad0380ddd1ac09d00d84361d794ed3dc7177125c1542c2b09ced31e1ffb7fd910bc6067f2378799a18587b0cf4d5b41c8f99c85076a0028fc6ddf90cdc47e41ffbfe85b5207aa822ca06b90a10bbfb2cc1ad201b5b18d66f23b0f2ec96433af119fc8823f1f4b501e39bb6c2833fbb7f948bc368a4d4eb68a4008f810e9ea9ba7f7b1d3d4976b9bed54f314d44d36b5e88c276544719bc92b4cc400b1c5c248b2fa36d21f497fc884d5f1d0a45537cf21167441440bb75864b7aa96c8e3fd9a196bfa855faca949d5c53d8950f729ce86b36a374f8d25a9e9046d87fbb8871de76b49030715bf5911f6fd24d5a49f595f386148fc26919d00dc6ed71e8cae96d1715a05e858e514928900d37b05a3cfc54fbf5d188b688bfbe6e9a2f4a6a03c1662817745af3e2cc8cb0b4277c685a56923f295d4414ca448d5cb41ad321f409b95c4db09bcc274ccaad461286b911e0c80eea2f611eee1559f0e7190b9f531a63eebbb4875fec783cf69f36cafd9c22c7ea3ee22155b86890dd881b26b5bff300a5cebaca47f41133fc995f44d8d56d906273372add3c9db835c435b3547939e75943942506f12ff66e520b1e0f03430f12bc8ee40940af570ba52ab8ce1def31a3a51c5b20346134f254613484cb82c33236fd0e21856b2ba2c00976b6e848195c5ab58aab63930503470ce645309bf6f29e307dfeb78c061b795aab2fccc32365ee3b9739cc42fda7fd9398dd77f95ad4002129c85104e6327e552bb7db24bbac24374c727b94015a4de0108899eecfca588ef7cb0950a0bb3a8551de796ca793d59a77f13f41fb5e1fff418d07c3961ad2201c5360697c9481d6061093bee449ecbbdc6aeffc9a8f0e6168df7bc591764ad0f7490f89666dd79eedc78fa8e9ce69625a9bf0d1c00cea7cf1dbd14e8dc8f5445acdd6bbef2d0876a628f7d16c151893b1d20006a4713fd4f1ae813be707759facfc7614e0e95ae94f59011c3f9836ae83990a244b0dce2969734eb27af50c49f14689d961c37463ffdd3e4bfee06f7f73c7df5bba5cef05dce115700b90b1a2cf463e1760450f63690ad15f3e631492c77a8605ec2325beae2721de2b677a2ef60dc017bda7148cd2717e0db8022afaecbe65ae58bec78dc8c7a0475b5f211d09a7110cdbd9da086882660fa260facaeaec5d29bf720894cf47736cf3bc22970390c24d08e8cf07c92bfa1ed8367858af6d9c89fa8acc3231430de7b9da1a7472652aad6a35be58cc6ba1e2eda8eaa5c4d9159c391a955307481d22e8132cad7625df7d2e7426bd9ee5e58aabdb7891108219a168353f8f2fb709c0df564579b29fe859f68c8b4b7345c9e529a2bcfcfe9975b20a802024e6ec7bc9067e7b58033c019b02d329f4de29674e5748afd791e657bdd6fa22b93bd54bcfae71189a5daf6497917e92a35a561bfcca4e24d7a8c0763586b2512d736c4ee172faf2f89c0829de10914edd8dcb175382d184d54f2b6ef40a110848109ef44140ef00381b7229905019c73e43b010baa4b515abc86c3a161022e5c04e991d5c02419078c8a279634439cdb3c49c0b97d1e1f7bad1cfd3bff5057b67e4402454f3d858a221007183bc78dff8ea0d68c994de1166e7eef92b08b715cfe1655a70ac4637e270cd2ab557749fe63281b5c4b5bdada39fb666dadb4d73684ba5a97ba47efb94e571ec9636e90c469fc276ee09cb1221e4a19b82e804eef32bef0a5a5b7373b3450d22db20e21e0eec7694659770e0d5f3f30dc1a7ec501ad0af77f4164c8d0aa467a147eadf70c8e133a6b8e5c604c96c5db60909d1538451db91020340edd0d31ed5561fe19ca18674898d7aa8a87692a72c74ecdebab851dc7d91488f1b751bd904cfb77f7408264eeaf222b06f7400facde4ed401ea42058211b4a5557e4f207849a", 0x1000}], 0x2, &(0x7f0000001240)=[{0x108, 0x1, 0x5, "4fa7658769f87bdbe57a36fe4b10eec791e6906709924ed9634edd571dd3446086aeca428305a8bf8a55c328b5fb1a0df8fbd404e2c07e514875fdd0a71122cecdf6ea2860086f2ea6eea881d855b13461036ec3ab543c9345c481b21dd6ab0281fbe620031c3e89acaa2fc8244085860f4e06b8a75dba5fccd1f8034619378c5baa5cf6b536265609987d78c41e57fbd3713b36cea9ee00b63923d08fde9e8cbe09097d2a6ea080ebf4860f2a40b66955b6ac95951cc7c91ac1baa5c03cec6a49d1e0d63f06828d023d900bf501acb293432e4815d398e1b92bd5daf766ac5b7396dbc9da38b0dd711e99643b4acd236592"}], 0x108}}, {{&(0x7f0000001380)=@ethernet={0x1, @multicast}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001400)="693c0a4dae4dfabb19016a55b30f71601b2db7f6d5478647f239fd08822060193686f1a16f52a2edcda58ecd5856eeb78a17ffe30ac24958d044f9783d61c487480f0bf7eaa30f176ea5783e601fd9c448313b23f613cc0b393dc08a789227800721f8743f13397db89ab75a0bbff7ab7405b75f00fb064cf2753e0eda8a2773803a57bece773f20b93c7e3e3a288905b71101d0969c68a80bce4d3b2667bd0d61ad4d89", 0xa4}, {&(0x7f0000001d00)="94a932dda1cc24c31079543ff38a700d62f6d9fd51224c245805d79fb1838948b6d4751c2e187382fa8c25f2c2f54df2f92268d501eccbf49fc055eb1b9930a44859ae412168020b13fcba81ba3aa319e3842a035f6904b62ada6e9c30b60435548c3e582c583f001f7ac05bece94fd46e45a77b13fe29a1188d901996b18d9962c584818c23f83c3a1e053e70167879f1d8c0c83e3ccc56e9846f053f01aee2a279eb8f4ed02254cb0be36b2a7d396f2f10c9658f13b811296badb9a51c03e4b1a61e72eeb285703c0c9a665ab967978802078eed9dcc96f2d42e4f207e5a3e473a65a8ba91a1b5bef409f598206f553f397e4dc98795b60c", 0xf9}], 0x2}}, {{&(0x7f00000030c0)=@phonet={0x23, 0x4, 0x0, 0xf9}, 0x80, &(0x7f0000001980)=[{&(0x7f0000001680)="71f9dee7cb3a582be4fb787727450b5f74420fc9faba0d26a22191a7d233a60b90470f3de81488cc7963474f00dda4e91ba7f91ca4fc919fe1991f43c6c811fc8cb9c588305b817c7ed100068ec91d0638ab28da2304d70a392d9f206e0be18603314d7dce501547e3196944a949f05a979bf26cdcd7acd6b37014aadb355bbcd92f6a4a6f528d9a5e79f3cf53afd0f9cf18a8c655eb0f7125038809f0bb7ce4d285237aa91ef76655fd7bd0c6bd0816301a7877f489317b1f189e84192d5723a48feca2b9e1eb8278be2dfb80903f58", 0xd0}, {&(0x7f0000001780)="a97bbb435a634a2b1c06ab96592151fdaf018bd69a2edc56ce7ce12f7a4c29dd8e65382c0df56d4429213f8937c53075a510044c563ec8b8b858a3400945b00d186483d51086efbb70239b4ac2bf743d1515ec2f4c", 0x55}, {&(0x7f0000001800)="b91b536efdc95ebe4e5ea251060ab38cd154b7eea5bab24462c4b0cbdfda0701dd5028755f8536f1ba1cda8d5f1e4af6c316081d5cfac31b353d19ded55b5b79c47874e3813886ba9534a2c53275fb8ceb3e356fe21d8ce8e565fe3f82d79f3b094a9b8b46d772600f92c900cfbcc67bfee3506952b30abbc2a9d91513d08e083f34ca2a1814898a58ce365c5092ad3c7bef417e64031a694ce63a30ac8e1d41409ca6be70ba551d86057f65", 0xac}, {&(0x7f00000018c0)="b769359e967dc94f70ce9b537b0b99a01681068b1a9b992200df517b7665e9fefeaa9988c49ba5ca634dbe7502929c082656528ced42dce1a2645896748862d82f1371bf3bc90c4c3efab5301ac7e4b43fdbef7dd991fc241df8a7b6a2ce403e7245da8aa8ad3748ac88d6f3595e2b5a1083285059280793b70f715b641b056bdf9dfc61f8e758631dbcf47505725b96c21d082168919f098c16f0", 0x9b}], 0x4, &(0x7f00000019c0)=[{0x58, 0x1, 0x7, "c4a3aabc6f3e95bd4b8dc9e21e8a8a17a98de1f79d201bf6e202d15b9718009dfa906a14457fa1bccd0ac70057a2fddce4dec781e44e4070ae774b16502d49610759a9e47d3f69"}, {0x98, 0x104, 0x2, "46239310e31da3c81d76f86397a0249f8cd8931ac4e5026a0b18069766967215c6b9abc4a00f22a9063d826fed21bd9caafd48e1cc6265cfc568a29ef5b51d4158d6eff121ab3b8c3f84aaaf91d1c9845c454319ec478fd4afa3b01874c161f6bab5f88b7d1110d1468785d7fae3fad31e837d51d0aa960cee260905f5d715d611c002014fcc6f"}, {0xd0, 0x84, 0x7f, "b2a2e4be2337403c6b3e97657b8240c9858b621606e5b253e42706dd1fa102209674fda4a71ea0671d49d388962245fbc27af2218f9f45b788d83dcf796e3dadd678281dd4332a47ba1d4ef157176af77464c99880e412e45d5165191222f8a5573faaba3526eb2f9789b404f63bfc6e16f33bf6e7301b34c2baa2e8dbec446315e88259ac12b8023f3b0a00333255d963d78b61004d5b82584b705134bfa0cebe952f1861ded0679a8476ac166be05a9873799ee0be06e606a10f1f6a28"}, {0x80, 0x108, 0x1a, "e7ef4f8adcaab02887fef9094d3a2ee2c33230920e3104251e2891d7d2a121711de4d92599fae23bcfa841a577eba5aabf3a639587c2959e57f2c6d6beb0f564fffbe0915e8847147b14d194f67b06778ad66031b35a916a40a1f1f56392e5e14c24d5c658a5eed7b2"}], 0x240}}, {{&(0x7f0000001c80)=@xdp={0x2c, 0xf, r1, 0xf}, 0x80, &(0x7f0000002e80), 0x0, &(0x7f00000032c0)=[{0x48, 0x10a, 0xffff0001, "70d0c6c9e2d4b293aa796f0056d9ec20f98af7dcaf1560660f8b3cb12a22d915316fa34fe928345cd5b6705a91ef826cb53003814249b56b"}, {0xa0, 0x114, 0x8001, "db87a84a9cebd7c0354192eaadeac4be6054de4ebd46dec931601fa9eb84c4b84d95dd9b624b366d128ecfa606e181917ad89c1fa6ea5a829f6e5ae5f34081d7b776042747b21964691bc37f430fefa1758f3e76967f7fe1b158fd841d95f66491d74b56bc2c87a8b3af91442ad1b5af8ba932948ac9bb5fd0b97ae7fc5f33f0f4858190a1bd74ab43474877defee4"}, {0x58, 0x108, 0x1f, "170d8939bae70cfcc90baf465b527062973b984ca855e5bf3e7a2c89308f7e66d7211dcbaacb5ad21f14c6be662723ab9b9bff0d925b88d89914f9ec1b994d732a29"}, {0x28, 0x0, 0x3ff, "222fb15fd49c1a4133669741b48a7c58f39a68edf987ff9e"}], 0x168}}], 0x4, 0x8040) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x64}}, 0x0) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x458, 0x5013, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x49, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x1dc}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io(r2, &(0x7f0000000140)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="0450b003"], 0x0, 0x0, 0x0, 0x0}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000001400)='net/mcfilter6\x00') preadv(r3, &(0x7f00000017c0), 0x1b4, 0x0) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f00000014c0)) 20:38:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:23 executing program 5: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x4f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x400086) [ 243.961114][ T28] audit: type=1804 audit(1593463103.668:55): pid=10778 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/116/file0/bus" dev="sda1" ino=16278 res=1 20:38:23 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400", 0xc}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 244.095235][T10783] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 244.165962][T10791] FAT-fs (loop2): bogus number of reserved sectors [ 244.174979][T10791] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:23 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6400c346702cfc74c7c612305e3460cc"}}}}, 0x90) 20:38:23 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 244.213401][ T28] audit: type=1804 audit(1593463103.918:56): pid=10791 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/117/file0/bus" dev="sda1" ino=16230 res=1 20:38:24 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401000200", 0x12}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 244.356930][ T3794] usb 4-1: new high-speed USB device number 2 using dummy_hcd 20:38:24 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', 0x0, 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:24 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0xfffffffe}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) [ 244.468038][T10808] FAT-fs (loop2): invalid media value (0x00) [ 244.489270][T10808] FAT-fs (loop2): Can't find a valid FAT filesystem [ 244.555525][ T28] audit: type=1804 audit(1593463104.258:57): pid=10816 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/118/file0/bus" dev="sda1" ino=16285 res=1 [ 244.586291][T10812] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:24 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) [ 244.627153][ T3794] usb 4-1: Using ep0 maxpacket: 16 [ 244.664585][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 244.757224][ T3794] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 244.796690][ T3794] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.853440][ T3794] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.886932][ T3794] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 244.913023][ T3794] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 244.945490][ T3794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.968217][ T3794] usb 4-1: config 0 descriptor?? [ 245.447311][ T3794] hid (null): nested delimiters [ 245.452605][ T3794] hid (null): unknown global tag 0x8a [ 245.458897][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 245.460410][ T3794] hid (null): unknown global tag 0xd [ 245.477012][ T3794] hid (null): global environment stack underflow [ 245.477053][ T3794] hid (null): invalid report_size 612 [ 245.480677][ T3794] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0003/input/input10 [ 245.520981][ T3794] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0003/input/input11 [ 245.610858][ T3794] kye 0003:0458:5013.0003: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0 [ 245.666938][ C1] raw-gadget gadget: ignoring, device is not running [ 245.672472][ T5] usb 4-1: USB disconnect, device number 2 [ 246.446894][ T5] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 246.706989][ T5] usb 4-1: Using ep0 maxpacket: 16 [ 246.837008][ T5] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 246.847789][ T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.859089][ T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.869268][ T5] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 73 [ 246.883524][ T5] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 246.892868][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.902514][ T5] usb 4-1: config 0 descriptor?? 20:38:26 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x0, 0x0) bind(r3, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) 20:38:26 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', 0x0, 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:26 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401000200", 0x12}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:26 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000340)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x1c) 20:38:26 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, 0x0, 0x0, 0x0) dup2(r1, r0) 20:38:26 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, 0x0, 0x0, 0x0) dup2(r1, r0) [ 247.189275][T10894] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 247.206996][ T5] usbhid 4-1:0.0: can't add hid device: -71 [ 247.213265][ T5] usbhid: probe of 4-1:0.0 failed with error -71 [ 247.252422][T10899] FAT-fs (loop2): invalid media value (0x00) [ 247.276511][ T5] usb 4-1: USB disconnect, device number 3 20:38:27 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', 0x0, 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 247.295031][ T28] audit: type=1804 audit(1593463106.998:58): pid=10907 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/119/file0/bus" dev="sda1" ino=16305 res=1 [ 247.319637][T10899] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:27 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x5e) socket(0x11, 0x2, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x3c, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) 20:38:27 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401000200", 0x12}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:27 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x844}, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe(0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0xfffffffe}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) 20:38:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 247.701421][T10934] FAT-fs (loop2): invalid media value (0x00) [ 247.708101][T10934] FAT-fs (loop2): Can't find a valid FAT filesystem [ 247.730394][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 247.792108][ T28] audit: type=1804 audit(1593463107.498:59): pid=10939 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/120/file0/bus" dev="sda1" ino=16243 res=1 [ 247.858380][T10936] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 247.915946][ T28] audit: type=1800 audit(1593463107.598:60): pid=10904 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=16293 res=0 20:38:27 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x0, 0x0) bind(r3, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) 20:38:27 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:27 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 248.028387][ T28] audit: type=1800 audit(1593463107.738:61): pid=10929 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16290 res=0 [ 248.069823][T10956] FAT-fs (loop2): invalid media value (0x00) [ 248.076098][T10956] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:27 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x5e) socket(0x11, 0x2, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x3c, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) [ 248.123171][ T28] audit: type=1804 audit(1593463107.828:62): pid=10956 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/121/file0/bus" dev="sda1" ino=16304 res=1 20:38:27 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 248.161728][T10955] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:28 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @initdev}, &(0x7f00000002c0)=0x10) getsockopt$rose(0xffffffffffffffff, 0x104, 0x3, &(0x7f0000000380), &(0x7f0000000500)=0x4) exit_group(0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000005fbbcf5217c15f60a747066bb4c2bc28e1e97dd39676c51e5930d37e84edb9b4cb04bb15fac022c32acd576a6c76ba68d7f567506f0b1b447a443f1dde7edf43844c3cf5c96d2d1166f05a1deaab93605f4c34c7455c14d8b201b92563ea69cdbe2ec0d61c72bae678bc578ba66b8ad696d9bef053ed78e87206bf15b6cb740e02144941c0915674c2a897777c6ff47ef3b278f1b37e210865c68317a232223a007a97ff131697b226adab92e5b62f174d1fbb2a33ba442723cd42b7839e81c7", @ANYRES16=r0, @ANYBLOB="010b1000"/14], 0x14}}, 0x40090) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0x4c081}, 0x0) syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0x0], @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x40, 0x3a, 0x0, @empty={[0x3, 0x3c]}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0004e6", 0x0, 0x0, 0x0, @remote, @remote, [@routing={0x2f}], "000022ebffff0400"}}}}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x891) r2 = socket(0xf, 0x803, 0x28000) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x40, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x1f97}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x3}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x8}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'vlan0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x0) syz_emit_ethernet(0x8e, &(0x7f00000000c0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "42bf00", 0x58, 0x3a, 0x0, @dev={0xfe, 0x80, [], 0x39}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7c, {0x0, 0x6, "ff112d", 0x8001, 0x29, 0x0, @mcast1, @remote, [@dstopts={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x3a], [@enc_lim]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@mcast2]}]}}}}}}}, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 20:38:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 248.495575][T10975] FAT-fs (loop2): invalid media value (0x00) 20:38:28 executing program 0: kexec_load(0x0, 0x0, &(0x7f00000005c0), 0x0) [ 248.541036][T10975] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:28 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 248.570872][ T28] audit: type=1804 audit(1593463108.278:63): pid=10980 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/122/file0/bus" dev="sda1" ino=16307 res=1 [ 248.680493][T10982] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:28 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x0, 0x0) bind(r3, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) 20:38:28 executing program 0: socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x18, 0x2b, 0x0, @local, @local, {[@hopopts={0x87}, @srh], {0x0, 0x0, 0x8}}}}}}, 0x0) [ 249.017307][T10994] FAT-fs (loop2): invalid media value (0x00) [ 249.043031][T10994] FAT-fs (loop2): Can't find a valid FAT filesystem [ 249.090052][ T28] audit: type=1804 audit(1593463108.798:64): pid=10997 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/123/file0/bus" dev="sda1" ino=16298 res=1 20:38:28 executing program 0: mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='fuseblk\x00', 0x0, 0x0) 20:38:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:29 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x1c, 0x0, 0x7, 0x0, 0x0, {0x2, 0x3}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8}]}, 0x1c}}, 0x0) [ 249.429066][T11013] FAT-fs (loop2): bogus number of FAT sectors [ 249.467462][T11013] FAT-fs (loop2): Can't find a valid FAT filesystem [ 249.518118][ T28] audit: type=1804 audit(1593463109.228:65): pid=11016 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/124/file0/bus" dev="sda1" ino=16266 res=1 20:38:29 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6400c346702cfc74c7c612305e3460cc"}}}}, 0x90) 20:38:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 249.887349][T11024] FAT-fs (loop2): bogus number of FAT sectors [ 249.920658][T11024] FAT-fs (loop2): Can't find a valid FAT filesystem [ 249.956950][ T28] audit: type=1804 audit(1593463109.658:66): pid=11030 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/125/file0/bus" dev="sda1" ino=16303 res=1 [ 251.974463][T10974] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.981914][T10974] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.247479][T10974] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.567263][T10974] batman_adv: batadv0: Interface deactivated: batadv_slave_1 20:38:38 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @initdev}, &(0x7f00000002c0)=0x10) getsockopt$rose(0xffffffffffffffff, 0x104, 0x3, &(0x7f0000000380), &(0x7f0000000500)=0x4) exit_group(0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000005fbbcf5217c15f60a747066bb4c2bc28e1e97dd39676c51e5930d37e84edb9b4cb04bb15fac022c32acd576a6c76ba68d7f567506f0b1b447a443f1dde7edf43844c3cf5c96d2d1166f05a1deaab93605f4c34c7455c14d8b201b92563ea69cdbe2ec0d61c72bae678bc578ba66b8ad696d9bef053ed78e87206bf15b6cb740e02144941c0915674c2a897777c6ff47ef3b278f1b37e210865c68317a232223a007a97ff131697b226adab92e5b62f174d1fbb2a33ba442723cd42b7839e81c7", @ANYRES16=r0, @ANYBLOB="010b1000"/14], 0x14}}, 0x40090) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0x4c081}, 0x0) syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0x0], @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x40, 0x3a, 0x0, @empty={[0x3, 0x3c]}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0004e6", 0x0, 0x0, 0x0, @remote, @remote, [@routing={0x2f}], "000022ebffff0400"}}}}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x891) r2 = socket(0xf, 0x803, 0x28000) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x40, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x1f97}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x3}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x8}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'vlan0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x0) syz_emit_ethernet(0x8e, &(0x7f00000000c0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "42bf00", 0x58, 0x3a, 0x0, @dev={0xfe, 0x80, [], 0x39}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7c, {0x0, 0x6, "ff112d", 0x8001, 0x29, 0x0, @mcast1, @remote, [@dstopts={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x3a], [@enc_lim]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@mcast2]}]}}}}}}}, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 20:38:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:38 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x0, 0x0) bind(r3, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x4000800) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d000010) 20:38:38 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(0x0, 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:38 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000001500)={0x0, @local, @local}, &(0x7f0000001540)=0xc) 20:38:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 259.316601][T11043] FAT-fs (loop2): bogus number of FAT sectors [ 259.342791][T11043] FAT-fs (loop2): Can't find a valid FAT filesystem 20:38:39 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @initdev}, &(0x7f00000002c0)=0x10) getsockopt$rose(0xffffffffffffffff, 0x104, 0x3, &(0x7f0000000380), &(0x7f0000000500)=0x4) exit_group(0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000005fbbcf5217c15f60a747066bb4c2bc28e1e97dd39676c51e5930d37e84edb9b4cb04bb15fac022c32acd576a6c76ba68d7f567506f0b1b447a443f1dde7edf43844c3cf5c96d2d1166f05a1deaab93605f4c34c7455c14d8b201b92563ea69cdbe2ec0d61c72bae678bc578ba66b8ad696d9bef053ed78e87206bf15b6cb740e02144941c0915674c2a897777c6ff47ef3b278f1b37e210865c68317a232223a007a97ff131697b226adab92e5b62f174d1fbb2a33ba442723cd42b7839e81c7", @ANYRES16=r0, @ANYBLOB="010b1000"/14], 0x14}}, 0x40090) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0x4c081}, 0x0) syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0x0], @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x40, 0x3a, 0x0, @empty={[0x3, 0x3c]}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0004e6", 0x0, 0x0, 0x0, @remote, @remote, [@routing={0x2f}], "000022ebffff0400"}}}}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x891) r2 = socket(0xf, 0x803, 0x28000) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x40, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x1f97}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x3}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x8}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'vlan0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x0) syz_emit_ethernet(0x8e, &(0x7f00000000c0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "42bf00", 0x58, 0x3a, 0x0, @dev={0xfe, 0x80, [], 0x39}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7c, {0x0, 0x6, "ff112d", 0x8001, 0x29, 0x0, @mcast1, @remote, [@dstopts={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x3a], [@enc_lim]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@mcast2]}]}}}}}}}, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 259.433919][ T28] audit: type=1804 audit(1593463119.138:67): pid=11052 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/126/file0/bus" dev="sda1" ino=16190 res=1 20:38:39 executing program 3: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@nodiscard='nodiscard'}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 20:38:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:39 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000001500)={0x0, @local, @local}, &(0x7f0000001540)=0xc) 20:38:39 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(0x0, 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:39 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @initdev}, &(0x7f00000002c0)=0x10) getsockopt$rose(0xffffffffffffffff, 0x104, 0x3, &(0x7f0000000380), &(0x7f0000000500)=0x4) exit_group(0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000005fbbcf5217c15f60a747066bb4c2bc28e1e97dd39676c51e5930d37e84edb9b4cb04bb15fac022c32acd576a6c76ba68d7f567506f0b1b447a443f1dde7edf43844c3cf5c96d2d1166f05a1deaab93605f4c34c7455c14d8b201b92563ea69cdbe2ec0d61c72bae678bc578ba66b8ad696d9bef053ed78e87206bf15b6cb740e02144941c0915674c2a897777c6ff47ef3b278f1b37e210865c68317a232223a007a97ff131697b226adab92e5b62f174d1fbb2a33ba442723cd42b7839e81c7", @ANYRES16=r0, @ANYBLOB="010b1000"/14], 0x14}}, 0x40090) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0x4c081}, 0x0) syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0x0], @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x40, 0x3a, 0x0, @empty={[0x3, 0x3c]}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0004e6", 0x0, 0x0, 0x0, @remote, @remote, [@routing={0x2f}], "000022ebffff0400"}}}}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x891) r2 = socket(0xf, 0x803, 0x28000) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x40, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x1f97}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x3}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x8}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'vlan0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x0) syz_emit_ethernet(0x8e, &(0x7f00000000c0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "42bf00", 0x58, 0x3a, 0x0, @dev={0xfe, 0x80, [], 0x39}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7c, {0x0, 0x6, "ff112d", 0x8001, 0x29, 0x0, @mcast1, @remote, [@dstopts={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x3a], [@enc_lim]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@mcast2]}]}}}}}}}, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 259.775447][T11069] XFS (loop3): Invalid superblock magic number [ 259.782033][ T28] audit: type=1804 audit(1593463119.478:68): pid=11073 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/127/bus" dev="sda1" ino=16243 res=1 20:38:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:39 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000001500)={0x0, @local, @local}, &(0x7f0000001540)=0xc) 20:38:39 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(0x0, 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:39 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) alarm(0x80000000) 20:38:39 executing program 3: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000480)=ANY=[], 0x2e7) 20:38:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) semop(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(0xffffffffffffffff, 0xc040563d, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key$keyring(&(0x7f0000000540)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r2, 0xffffffffffffffff, r1, 0x0) 20:38:40 executing program 5: r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r4, 0x2}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000080)={&(0x7f0000000b40)={0x1d, 0x0, 0x0, {0x0, 0x1ee}}, 0x18, &(0x7f0000000b80)={&(0x7f0000000100)='\x00', 0x8}}, 0x0) [ 260.303422][ T28] audit: type=1804 audit(1593463120.008:69): pid=11106 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/128/bus" dev="sda1" ino=16317 res=1 [ 260.424984][T11122] vcan0: tx address claim with different name 20:38:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:40 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:40 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000001500)={0x0, @local, @local}, &(0x7f0000001540)=0xc) 20:38:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:40 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8, 0x0) write$binfmt_elf64(r1, 0x0, 0xfffffd88) 20:38:40 executing program 5: semtimedop(0x0, &(0x7f0000000200)=[{0x2, 0xfe00}], 0x1, 0x0) 20:38:40 executing program 5: socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x10, 0x2b, 0x0, @local, @local, {[@hopopts={0x87}], {0x0, 0x0, 0x8}}}}}}, 0x0) [ 260.657399][ T28] audit: type=1804 audit(1593463120.368:70): pid=11135 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/129/bus" dev="sda1" ino=16313 res=1 20:38:40 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = semget$private(0x0, 0x20000000102, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0}) semtimedop(r0, &(0x7f0000000200)=[{0x2, 0xfe00}], 0x1, &(0x7f0000000240)={r1}) semop(r0, &(0x7f0000000000)=[{0x2, 0x7fff}], 0x1) 20:38:40 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:40 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:40 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:40 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 20:38:40 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 260.974630][ T28] audit: type=1804 audit(1593463120.678:71): pid=11161 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/130/bus" dev="sda1" ino=16296 res=1 20:38:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) [ 261.272126][ T28] audit: type=1804 audit(1593463120.978:72): pid=11178 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/131/bus" dev="sda1" ino=16190 res=1 20:38:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20) 20:38:41 executing program 5: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x0, 'syzkaller1\x00'}) setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, &(0x7f0000000140)=@netrom={'nr', 0x0}, 0x10) clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000e40)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fff07003506000043fe0000070600000ee60000bf050000000000001f650000000000006507000002000000270700004c0000001f75000000000000bf5400000000000007040000f0fff8ffad430100000000009500000000000000050000000000000095000000000000001c0a7900009d3c2792432a4fa650c512aee994a5642cb064ecd5615f3196e3359aceb768637e60bd5d2e4b5992de991371274fdff6e79fc722e25659a7c85615c1b88bc894123cfe2314e887efecdcb7381ef4932cb0dcebea6d90e9c1677fbefd35893d883a2c559b7a34db461b1974af360eace66cec40d92706d0bbcc5bf6fec345ae9606c3c1a348f9b395592c1018e5e4b41b13000c94df1f2db24c67d4c7ba9ec035883e2791a9e9dff3e8bfc7d1be000000820102b1900000000000000000387a601e3a3412086dee84efd375f0645f3301f55d3b9efdfbed9b430bcf0418e100bdff1c8bcfc0c229874bc3d2418bab997c8bef9aa55841caa572ddff9220c67c9e17bee524c3dc747445763ecb0a7f2cd12bc34b0fc0271124cfb5279195f701000000f77c71294bbfd85878726c49eb89085967722da6cb884d1afe82f7f722e383979962717002410902272dd8b754b2dd36d44f92991a7817450bc7921dd372e621dd447b86e7ffd1bdc198deb495cac0995ca3ef6c1affb693ae366b0f11db6ee4830db4713e5ce6cac6a27e29f171b8e9f172c3db24558d77b8bf18be45c50b3fc005fa7b134dfc948f6015e0389d7f34cb9c02cf517c8ed7a9b6159c1446ef1c2ccff2bde95aa860ed9b836d6b8fcab7663d9bd8415e6f90fdb007b8f3e078e3a638c4fdb8562eb85173720c1df9147c9f5013c82fc98604bd70cd56609a6b73943748a90002d9cf81bcb1d262845762f6b0a284cc463b42492bab0f7b25895cc3ba8bf0b5e0fc018463d03a73fa85429725545128b0e9b550a13d0dd35092250bbce4f618cad2375a34c7f15c3096f300004468cf1aba4a6f21ed0eb3681c696320d3251b7eab79ad8b126500419e25a94ce13a7a96deac79c90b8df10b1e364cf97eaa49fd22942a0fad0d814f230f954eec849b36a80306e8041f5e7e39e9442a30b53164aa0422da116cd5649f29d21d57163df6a760fbe5d134df32dc79c570c14077dde242472c77facd3cbe97df6efea9363c6d53f50680776c5e99990f7b4f3ae0d7896347cd6baa375e229e467f5dadc6c38c470a39e91f65ef2776ee75eec26a416dce537b104700020000000000008266490c00bf3167563be058c927109c37f347f2e012790b906d0a60f7dbe9b6c0808f6d431bcac2a1467766024325b0f1a3e398e86417b3d1ed056cd42d9979a3f4eaa27fb8962ba66daac75a16a6cf965816768a42970c2d18a23fb743cd0809adcdf2e16295d16e1307245678b8ed625ef4061912f130f4e5e277e6166bcaddf1e5c97b7fb16332375316f9b677534a68a820b7b2bbdf35c30ec6a79902cbe7d17309ed85c2af51d5213041bd98178687deffd0fe351992502657064f19860ae7a5cc489a9a9123a4f92a6e1e54"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1}, 0x48) exit(0x1cffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$nfc_llcp(r2, 0x0, 0x0) 20:38:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:41 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:41 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a02}]) 20:38:41 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:41 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x54, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x2c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg='\xdb\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff'}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0x54}}, 0x0) 20:38:41 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 261.707622][ T28] audit: type=1804 audit(1593463121.418:73): pid=11205 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/132/bus" dev="sda1" ino=16323 res=1 20:38:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:41 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:41 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x770a, 0x0) 20:38:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'ipvlan0\x00', {0x2, 0x0, @local}}) 20:38:41 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:41 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') read$FUSE(r0, 0x0, 0x0) 20:38:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:42 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:42 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x7fff}], 0x1) [ 262.535498][T11262] kvm: emulating exchange as write 20:38:42 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:42 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:42 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 20:38:42 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:42 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000080)=0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:42 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 263.194977][T11254] debugfs: Directory '11254-4' with parent 'kvm' already present! 20:38:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:43 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000080)=0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:43 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$afs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(0x0, 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:43 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:43 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, 0x0) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:43 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000080)=0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:43 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(0x0, 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:43 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:43 executing program 3: r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r4, 0x2}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000080)={&(0x7f0000000b40), 0x18, &(0x7f0000000b80)={&(0x7f0000000100)='\x00', 0x8}}, 0x0) 20:38:43 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, 0x0) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 263.764812][T11337] vcan0: tx drop: invalid sa for name 0x0000000000000002 20:38:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:43 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:43 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:43 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) rt_sigtimedwait(&(0x7f0000000280), 0x0, &(0x7f00000002c0), 0x8) 20:38:43 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, 0x0) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(0x0, 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:44 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:44 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:44 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_setup(0x8d7, &(0x7f0000000380)={0x0, 0x0, 0x1}) 20:38:44 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 264.654077][ T28] audit: type=1804 audit(1593463124.358:74): pid=11380 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/139/bus" dev="sda1" ino=15969 res=1 20:38:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:44 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:44 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:44 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f00000005c0)=[{0x0, 0x0, 0x9165a000, 0x3e0000}], 0x0) 20:38:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:45 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 265.302230][ T28] audit: type=1804 audit(1593463125.008:75): pid=11409 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/140/file0/bus" dev="loop2" ino=40 res=1 20:38:45 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:45 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:45 executing program 0: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(0xffffffffffffffff, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 265.604338][ T28] audit: type=1804 audit(1593463125.308:76): pid=11431 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/141/file0/bus" dev="loop2" ino=41 res=1 20:38:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:45 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:45 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f00000005c0)=[{0x0, 0x0, 0x9165a000, 0x3e0000}], 0x0) 20:38:45 executing program 0: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:45 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:45 executing program 0: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 266.189241][ T28] audit: type=1804 audit(1593463125.898:77): pid=11453 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/142/file0/bus" dev="loop2" ino=42 res=1 20:38:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f00000005c0)=[{0x0, 0x0, 0x9165a000, 0x3e0000}], 0x0) 20:38:46 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:46 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 266.603612][ T28] audit: type=1804 audit(1593463126.308:78): pid=11481 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/143/file0/bus" dev="loop2" ino=43 res=1 20:38:46 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601010000000000000000000000000500010006"], 0x1c}}, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 266.872162][ T28] audit: type=1804 audit(1593463126.578:79): pid=11505 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/144/bus" dev="sda1" ino=15889 res=1 20:38:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:46 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x0, 0x1000}], 0x1, &(0x7f0000000240)) 20:38:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:46 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:46 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:46 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) keyctl$revoke(0x3, 0x0) perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x41, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x0, 0x50}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, 0x0, 0x20008000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe(0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0xfffffffe}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000040)='F', 0xfffffffffffffe43, 0x20000003, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) [ 267.198596][ T28] audit: type=1804 audit(1593463126.908:80): pid=11526 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/145/file0/bus" dev="loop2" ino=44 res=1 20:38:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:47 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0x0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 267.354591][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 20:38:47 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:47 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 267.507886][ T28] audit: type=1804 audit(1593463127.218:81): pid=11557 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/146/file0/bus" dev="loop2" ino=45 res=1 20:38:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0x0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 267.773488][ T28] audit: type=1804 audit(1593463127.478:82): pid=11578 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/147/file0/bus" dev="loop2" ino=46 res=1 20:38:47 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) syncfs(r0) 20:38:47 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:47 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0x0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:48 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, 0x0) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:48 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) [ 268.250577][ T28] audit: type=1804 audit(1593463127.958:83): pid=11599 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/148/file0/bus" dev="loop2" ino=47 res=1 20:38:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:48 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000200)=[{0x2, 0xfe00}], 0x1, 0x0) 20:38:48 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:48 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, 0x0) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:48 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1, 0x0) 20:38:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:48 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) 20:38:48 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, 0x0) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:48 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, 0x0, 0x0, 0x0) 20:38:48 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x0, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:48 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, 0x0, 0x0, 0x0) 20:38:48 executing program 3: sendmsg$alg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) open(&(0x7f0000000240)='./bus\x00', 0x141042, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a5a65ef0b007c05e87c55a1bc000900b8000699030000000500150005008178a8001600400001400200000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e9703", 0xd8}], 0x1}, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) [ 269.247820][T11674] IPv6: NLM_F_CREATE should be specified when creating new route [ 269.258283][T11674] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. [ 269.349881][T11670] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. 20:38:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:49 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x0, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:49 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, 0x0, 0x0, 0x0) 20:38:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:49 executing program 3: sendmsg$alg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) open(&(0x7f0000000240)='./bus\x00', 0x141042, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a5a65ef0b007c05e87c55a1bc000900b8000699030000000500150005008178a8001600400001400200000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e9703", 0xd8}], 0x1}, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 20:38:49 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080), 0x0, 0x0) 20:38:49 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)) io_submit(0x0, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r1, 0x1000000000016) r5 = socket$inet6(0xa, 0x2, 0x0) dup3(r5, r0, 0x0) 20:38:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x0, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 269.780146][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 269.780156][ T28] audit: type=1804 audit(1593463129.488:87): pid=11689 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/152/file0/bus" dev="loop2" ino=51 res=1 [ 269.811753][T11698] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. 20:38:49 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080), 0x0, 0x0) 20:38:49 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setuid(0xee01) semtimedop(0x0, &(0x7f0000000200)=[{0x2, 0xfe00}], 0x1, &(0x7f0000000240)) 20:38:49 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080), 0x0, 0x0) [ 270.082285][ T28] audit: type=1804 audit(1593463129.788:88): pid=11715 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/153/file0/bus" dev="loop2" ino=52 res=1 20:38:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:50 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:50 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 20:38:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, 0x0) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:50 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f00000000c0)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$binderN(0x0, 0x0, 0x0) 20:38:50 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) [ 270.787585][ T28] audit: type=1804 audit(1593463130.498:89): pid=11740 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/154/file0/bus" dev="loop2" ino=53 res=1 20:38:50 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 270.838485][T11748] usb usb2: usbfs: process 11748 (syz-executor.3) did not claim interface 0 before use 20:38:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, 0x0) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) [ 270.893582][T11751] usb usb2: usbfs: process 11751 (syz-executor.3) did not claim interface 0 before use 20:38:50 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 20:38:50 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0x641e, 0x0) 20:38:50 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 271.182417][ T28] audit: type=1804 audit(1593463130.888:90): pid=11763 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/155/file0/bus" dev="loop2" ino=54 res=1 20:38:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'geneve0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03206023e0400a0c800c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x0) 20:38:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, 0x0) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x2b, 0x1, 0x0) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) [ 271.752074][ T28] audit: type=1804 audit(1593463131.458:91): pid=11786 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/156/file0/bus" dev="loop2" ino=55 res=1 20:38:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:51 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, &(0x7f00000005c0)) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x8810, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x1ff) 20:38:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x132a00}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:51 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, &(0x7f00000005c0)) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 272.151962][ T28] audit: type=1804 audit(1593463131.858:92): pid=11813 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/157/file0/bus" dev="loop2" ino=56 res=1 [ 272.189126][T11812] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 20:38:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 20:38:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:52 executing program 0: r0 = memfd_create(&(0x7f0000000080)='/dev/aats\x00', 0x0) shmat(0x0, &(0x7f0000001000/0x1000)=nil, 0x6000) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x0, 0x11, r0, 0x0) 20:38:52 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, &(0x7f00000005c0)) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 272.589990][ T28] audit: type=1804 audit(1593463132.298:93): pid=11834 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/158/file0/bus" dev="loop2" ino=58 res=1 20:38:52 executing program 0: r0 = memfd_create(&(0x7f0000000080)='/dev/aats\x00', 0x0) shmget$private(0x0, 0xf000, 0x0, &(0x7f0000000000/0xf000)=nil) shmat(0x0, &(0x7f0000001000/0x1000)=nil, 0x6000) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x0, 0x11, r0, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0) 20:38:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)) io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000), 0x200a02}]) 20:38:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 20:38:52 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket(0x200000000000011, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r5}, 0x14) getsockname$packet(r3, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000040)=0x10eef0f1) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x144, 0x10, 0x713, 0x0, 0x0, {{@in=@local, @in6=@mcast2}, {@in6=@empty, 0x0, 0x32}, @in=@empty, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r6}}]}, 0x144}}, 0x0) 20:38:52 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[0x0]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 273.006970][ T28] audit: type=1804 audit(1593463132.708:94): pid=11870 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/159/file0/bus" dev="loop2" ino=59 res=1 20:38:52 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0x9, &(0x7f0000000240)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r2, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f0200"/56, 0x38}]) io_submit(r1, 0x2000000000000072, &(0x7f0000000080)) [ 273.098475][T11872] netdevsim netdevsim0 netdevsim0: Unsupported IPsec algorithm 20:38:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, 0x0) [ 273.139781][T11872] netdevsim netdevsim0 netdevsim0: Failed to get key data for SA table 20:38:52 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[0x0]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 273.403852][ T28] audit: type=1804 audit(1593463133.108:95): pid=11893 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/160/file0/bus" dev="sda1" ino=16379 res=1 20:38:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000280)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c815", 0x94, 0x9}], 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000001c0)={0x50}, 0x50) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000101308006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) 20:38:53 executing program 3: 20:38:53 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[0x0]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, 0x0) 20:38:53 executing program 3: 20:38:53 executing program 0: 20:38:53 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:53 executing program 3: 20:38:53 executing program 0: [ 273.904784][ T28] audit: type=1804 audit(1593463133.608:96): pid=11924 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/161/file0/bus" dev="loop2" ino=60 res=1 20:38:53 executing program 3: 20:38:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, 0x0) 20:38:54 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:54 executing program 0: 20:38:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:54 executing program 3: 20:38:54 executing program 0: 20:38:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 20:38:54 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 274.942134][T11965] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 274.976752][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 274.976766][ T28] audit: type=1804 audit(1593463134.678:98): pid=11972 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/163/file0/bus" dev="loop2" ino=62 res=1 20:38:54 executing program 0: 20:38:54 executing program 3: 20:38:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 20:38:54 executing program 0: 20:38:54 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:55 executing program 3: 20:38:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:55 executing program 3: [ 275.450673][ T28] audit: type=1804 audit(1593463135.158:99): pid=11990 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/164/file0/bus" dev="loop2" ino=63 res=1 [ 275.478229][T11992] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:55 executing program 0: 20:38:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 20:38:55 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:55 executing program 0: 20:38:55 executing program 3: 20:38:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:55 executing program 0: [ 276.024425][ T28] audit: type=1804 audit(1593463135.728:100): pid=12016 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/165/file0/bus" dev="loop2" ino=64 res=1 20:38:55 executing program 3: 20:38:55 executing program 0: 20:38:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 20:38:55 executing program 3: 20:38:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:56 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:56 executing program 0: 20:38:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:56 executing program 3: [ 276.450631][ T28] audit: type=1804 audit(1593463136.158:101): pid=12041 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/166/file0/bus" dev="loop2" ino=65 res=1 20:38:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 20:38:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:56 executing program 0: 20:38:56 executing program 3: 20:38:56 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:56 executing program 3: 20:38:56 executing program 0: [ 276.787196][ T28] audit: type=1804 audit(1593463136.498:102): pid=12068 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/167/file0/bus" dev="loop2" ino=66 res=1 [ 276.814715][T12063] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 20:38:56 executing program 3: 20:38:56 executing program 0: 20:38:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:56 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:56 executing program 3: 20:38:56 executing program 0: 20:38:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 277.172621][ T28] audit: type=1804 audit(1593463136.878:103): pid=12089 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/168/file0/bus" dev="loop2" ino=67 res=1 20:38:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:38:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:57 executing program 3: 20:38:57 executing program 0: 20:38:57 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 277.431554][T12105] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:57 executing program 3: 20:38:57 executing program 0: 20:38:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 277.518779][ T28] audit: type=1804 audit(1593463137.228:104): pid=12114 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/169/file0/bus" dev="loop2" ino=68 res=1 20:38:57 executing program 3: 20:38:57 executing program 0: 20:38:57 executing program 3: 20:38:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:38:57 executing program 3: 20:38:57 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, 0x0, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:57 executing program 0: [ 277.912749][ T28] audit: type=1804 audit(1593463137.618:105): pid=12141 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/170/file0/bus" dev="loop2" ino=69 res=1 20:38:57 executing program 0: 20:38:57 executing program 3: 20:38:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a02}]) 20:38:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:57 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, 0x0, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:57 executing program 0: 20:38:57 executing program 3: 20:38:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:58 executing program 3: [ 278.295688][ T28] audit: type=1804 audit(1593463137.998:106): pid=12166 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/171/file0/bus" dev="loop2" ino=70 res=1 20:38:58 executing program 0: 20:38:58 executing program 3: 20:38:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 20:38:58 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, 0x0, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) [ 278.421210][T12173] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:58 executing program 0: 20:38:58 executing program 3: 20:38:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:58 executing program 0: 20:38:58 executing program 3: [ 278.695505][T12193] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:58 executing program 0: 20:38:58 executing program 0: [ 278.730564][ T28] audit: type=1804 audit(1593463138.438:107): pid=12189 uid=0 auid=0 ses=4 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir334448852/syzkaller.GzMjom/172/file0/bus" dev="loop2" ino=71 res=1 20:38:58 executing program 0: 20:38:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 20:38:58 executing program 3: 20:38:58 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:38:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:38:58 executing program 0: 20:38:58 executing program 3: [ 279.114185][T12222] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:38:58 executing program 0: 20:38:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000440)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb3c906d6b66732e666174000204010002000270fff8f2", 0x17}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) dup3(r2, r1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 20:38:59 executing program 0: 20:38:59 executing program 3: 20:38:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:38:59 executing program 0: 20:38:59 executing program 3: 20:39:01 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:39:01 executing program 0: 20:39:01 executing program 2: 20:39:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:39:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:39:01 executing program 3: 20:39:01 executing program 0: 20:39:01 executing program 3: 20:39:01 executing program 2: [ 282.159821][T12263] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:39:02 executing program 0: 20:39:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:39:02 executing program 3: 20:39:04 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000fd7000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:39:04 executing program 2: 20:39:04 executing program 3: 20:39:04 executing program 0: 20:39:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 20:39:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:39:05 executing program 3: 20:39:05 executing program 2: 20:39:05 executing program 0: [ 285.307696][T12306] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:39:05 executing program 2: 20:39:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 20:39:05 executing program 0: 20:39:08 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:39:08 executing program 3: 20:39:08 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000002bc0), 0x40001be, 0x10102, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = dup2(r0, r2) write$ppp(r3, &(0x7f0000000340)='[', 0x1) socket$inet_udplite(0x2, 0x2, 0x88) 20:39:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:39:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 20:39:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:39:08 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r1 = socket(0x400000000000010, 0x2, 0x0) write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r2, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000000), 0x4) 20:39:08 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r0, 0xae9a) ioctl$KVM_RUN(r0, 0xae80, 0x0) [ 288.485968][T12349] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 288.487667][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 288.573460][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 288.626665][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007f 20:39:08 executing program 3: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) [ 288.678519][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007f 20:39:08 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r0, 0xae9a) ioctl$KVM_RUN(r0, 0xae80, 0x0) [ 288.731442][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007f 20:39:08 executing program 2: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000880)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x101) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010500000001000000ff07000000fffffffd000800000000000000004000ffffff8500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 288.775291][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007e 20:39:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 288.840617][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007e [ 288.875130][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007e [ 288.923720][T12351] kvm [12346]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007e [ 288.945181][T12383] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. [ 289.061565][T12382] loop2: p1 < > p2 p3 < p5 p6 > p4 [ 289.159485][T12382] loop2: p2 size 1073741824 extends beyond EOD, truncated [ 289.208505][T12382] loop2: p5 size 1073741824 extends beyond EOD, truncated [ 289.278064][ T3885] loop2: p1 < > p2 p3 < p5 p6 > p4 [ 289.301074][ T3885] loop2: p2 size 1073741824 extends beyond EOD, truncated [ 289.332993][ T3885] loop2: p5 size 1073741824 extends beyond EOD, truncated [ 289.438148][T12421] loop2: p1 < > p2 p3 < p5 p6 > p4 [ 289.451847][T12421] loop2: p2 size 1073741824 extends beyond EOD, truncated [ 289.513511][T12421] loop2: p5 size 1073741824 extends beyond EOD, truncated [ 289.536619][ T3885] loop2: p1 < > p2 p3 < p5 p6 > p4 [ 289.545141][ T3885] loop2: p2 size 1073741824 extends beyond EOD, truncated [ 289.564637][ T3885] loop2: p5 size 1073741824 extends beyond EOD, truncated 20:39:11 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:39:11 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r0, 0xae9a) ioctl$KVM_RUN(r0, 0xae80, 0x0) 20:39:11 executing program 0: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x2f, 0x0, &(0x7f0000cab000)) 20:39:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:39:11 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhci\x00', 0x0) poll(&(0x7f0000000400)=[{r0}], 0x1, 0x73b6) 20:39:11 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) 20:39:11 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r1 = socket(0x400000000000010, 0x2, 0x0) write(r1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r2, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000000)=0x1, 0x4) 20:39:11 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 20:39:11 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x7005, 0x0) [ 291.644584][T12479] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4241646265 (4241646265 ns) > initial count (296265111 ns). Using initial count to start timer. 20:39:11 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 20:39:11 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000340)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c09, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f8ca781d5f7e93115c52fa936f014904ccdb29372829d175a4e80426585243b3926d887f686449fdd786f718d8343d49d4273cc82ed2a2cf63524fc21d710476", "92ef27daf4634f9065ecbc04c983083f390c3d7bf9ac5c11d0b60f5d070e9826557914da1567ee4534b1192353f3f801223d563be035c7fb302fe546973e9c78", "1e3c5b7be4da2a17da000000f6ff000000000000080000001d000000000000c3"}) 20:39:11 executing program 0: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000009000/0x3000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0}, 0x68) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) 20:39:14 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="2c02", 0x2}], 0x1}, 0xc100) sendmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 20:39:14 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a0b2830d01d3800000000ff07434c92"], 0x3a) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 20:39:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="665f07000005eb30", 0x8}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:39:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0) ioctl$KVM_SET_CPUID(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 20:39:14 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) io_setup(0xc0, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}]) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup3(r3, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000d07000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000016) r6 = socket$inet6(0xa, 0x2, 0x0) dup3(r6, r0, 0x0) 20:39:14 executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000480)={{0xa, 0xfffd, 0x0, @local}, {0xa, 0x0, 0x1ff, @private2, 0x1}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x5c) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x6, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 294.744884][ C1] traps: PANIC: double fault, error_code: 0x0 [ 294.744888][ C1] double fault: 0000 [#1] PREEMPT SMP KASAN [ 294.744891][ C1] CPU: 1 PID: 12520 Comm: syz-executor.3 Not tainted 5.8.0-rc2-syzkaller #0 [ 294.744895][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.744898][ C1] RIP: 0010:check_preemption_disabled+0xa/0x240 [ 294.744906][ C1] Code: e8 1b 91 57 f9 48 c7 c7 be a1 e9 88 48 c7 c6 4f 27 04 89 eb 0b 90 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53 <50> 49 89 f6 49 89 ff e8 ea 90 57 f9 65 8b 1d 2b d0 e4 77 65 8b 2d [ 294.744908][ C1] RSP: 0018:fffffe0000037000 EFLAGS: 00010087 [ 294.744914][ C1] RAX: ffffffff881cc549 RBX: 0000000000000000 RCX: 0000000000040000 [ 294.744918][ C1] RDX: ffffc9000face000 RSI: ffffffff8904a21f RDI: ffffffff88f45377 [ 294.744921][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 294.744924][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 294.744928][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: fffffe0000037120 [ 294.744931][ C1] FS: 00007efe8250f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 294.744934][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 294.744938][ C1] CR2: fffffe0000036ff8 CR3: 00000000a2d33000 CR4: 00000000001426e0 [ 294.744941][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 294.744945][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 294.744946][ C1] Call Trace: [ 294.744949][ C1] [ 294.744951][ C1] fixup_bad_iret+0x3a/0xf0 [ 294.744953][ C1] error_entry+0xb8/0xc0 [ 294.744956][ C1] RIP: 0010:native_irq_return_iret+0x0/0x2 [ 294.744963][ C1] Code: 5a 41 59 41 58 58 59 5a 5e 5f 48 83 c4 08 e9 10 00 00 00 90 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 f6 44 24 20 04 75 02 <48> cf 57 0f 01 f8 0f 1f 00 65 48 8b 3c 25 08 90 01 00 48 89 07 48 [ 294.744966][ C1] RSP: 0018:fffffe00000371d8 EFLAGS: 00010046 ORIG_RAX: 0000000000000000 [ 294.744972][ C1] RAX: fffffffffffffff7 RBX: 0000000000000000 RCX: 0000000000000000 [ 294.744975][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 294.744979][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 294.744982][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 294.744986][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 294.744988][ C1] ? asm_exc_general_protection+0x8/0x30 [ 294.744991][ C1] RIP: 0033:0x30eb050000075f66 [ 294.744993][ C1] Code: Bad RIP value. [ 294.744997][ C1] RSP: 002b:00007efe8250ec78 EFLAGS: 00000346 [ 294.744999][ C1] Modules linked in: [ 295.002040][ C1] ---[ end trace 026aeddd6af03565 ]--- [ 295.002044][ C1] RIP: 0010:check_preemption_disabled+0xa/0x240 [ 295.002051][ C1] Code: e8 1b 91 57 f9 48 c7 c7 be a1 e9 88 48 c7 c6 4f 27 04 89 eb 0b 90 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53 <50> 49 89 f6 49 89 ff e8 ea 90 57 f9 65 8b 1d 2b d0 e4 77 65 8b 2d [ 295.002054][ C1] RSP: 0018:fffffe0000037000 EFLAGS: 00010087 [ 295.002060][ C1] RAX: ffffffff881cc549 RBX: 0000000000000000 RCX: 0000000000040000 [ 295.002063][ C1] RDX: ffffc9000face000 RSI: ffffffff8904a21f RDI: ffffffff88f45377 [ 295.002066][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 295.002070][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 295.002073][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: fffffe0000037120 [ 295.002077][ C1] FS: 00007efe8250f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 295.002080][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 295.002083][ C1] CR2: fffffe0000036ff8 CR3: 00000000a2d33000 CR4: 00000000001426e0 [ 295.002087][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 295.002090][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 295.002093][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 295.003206][ C1] Kernel Offset: disabled