688c731947b027c68bfc12fbe4c2ad844cd4f82bc244de0474894985c9ede5cc80e9bf453d115ac259d2af25dd26e0d9a5fbc141505845edc509a6c3d7f61d4efc4463f462533ab8abb06b7aaf75777fa1a406471ee09570d585886720806279f0b934f107782a882fd30c74de06a6120f1ff767b5028c542487bbbb597e3e475433655e82b765ace7876760de41ee2a7b29ee9f000b5c31c07e51997ec891a03e6b9a619f960d325f834dc26a91405fbf7f472977d3ccffb59e03537e38a13a8ebda433080752e80a57d5c1c176edc71b8f04"])

23:32:16 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  795.061189] Unknown ioctl 35298
23:32:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000000c0)={0x9f0000, 0x45, 0xfffffffc, <r3=>r1, 0x0, &(0x7f0000000040)={0x2ab394cbc5075137, 0x8001, [], @p_u8=&(0x7f0000000000)=0x5}})
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x4}, 0x8)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5423, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000280)={0x4, 0x0, 0xd000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = dup2(r2, r4)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_SET_DEST(r5, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x88, r6, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fffffff}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1b81}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10001}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xafd}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x400}]}, 0x88}, 0x1, 0x0, 0x0, 0x60001}, 0x4000)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x5000aea5, &(0x7f0000000080))

23:32:16 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000400)={{{@in=@empty, @in6=@local}}, {{@in6=@dev}, 0x0, @in6=@local}}, &(0x7f0000000340)=0xe8)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f0000000080))
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000240)='NET_DM\x00')
sendmsg$NET_DM_CMD_START(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000002}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r3, 0x600, 0x70bd2a, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4002}, 0x880)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r4, 0x540b, 0x2)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x2e0440, 0x0)
setsockopt$netrom_NETROM_IDLE(r5, 0x103, 0x7, &(0x7f00000001c0), 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_DQEVENT(r6, 0x80885659, &(0x7f00000000c0)={0x0, @src_change})

23:32:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5424, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x21, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = socket(0x6, 0x4, 0x55)
setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000000)=0x1, 0x4)

23:32:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080))
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x82100, 0x0)
ioctl$NBD_DISCONNECT(r5, 0xab08)

23:32:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5425, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5427, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:16 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x22, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5428, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
write$UHID_CREATE(r1, &(0x7f0000000100)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000000)=""/207, 0xcf, 0x7, 0x0, 0x5, 0xa1}}, 0x120)

23:32:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xfffffe00, 0x4)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00'])
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x23, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x240001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000009f669deb36b2093775f882f505ef21f63e101ab3c47e324777ee1da3f15125776288fa01dd2bcbf01fc1d9d06c673cb7ba42eb854d1fe57aec182a863b4fd5a540d1e1b5a907ace47b3957e6cdd717b417b2bd8c8e9cf904a4d55e8b9dc97c5f1b6499253f996f665a7a4222dbcce5a3e04cc1300b4422bc493a0b6ad76a3f65"])

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5429, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={[], [], @local}}, &(0x7f0000000100)=0x20)
fchdir(r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r2, 0x540b, 0x2)

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5437, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = socket(0x57, 0xa, 0x2)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="03000000", @ANYRES32=<r6=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x1, 0x6, [0x101, 0x7, 0x88d4, 0xcc40, 0x1ff, 0x6]}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f00000000c0)={r7, 0x6}, &(0x7f0000000100)=0x8)

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x25, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00')
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000000c0)={0x0, 0x4, 0x4, 0x4000000, 0x1, {0x0, 0x7530}, {0xb, 0xc, 0x1, 0x3, 0x69, 0x9, "b7275449"}, 0x1, 0x0, @planes=&(0x7f0000000000)={0x0, 0x8, @mem_offset=0x3171, 0x4}, 0x1, 0x0, <r1=>0xffffffffffffffff})
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000240)={0x7, 0x1, "764b7390f3c1c2c89ff6fb2a03b728aeda75840d794a6d9a9891b5e969f56ca98e1a713f118bd90655e860214e7853ec8d3a4fe18008ffc7994176ff872f0baa9e09f0bef0ba3e1a1cfa59a4f689c6dbf7342eb1547d4ee66cad67e5fc180c6671d0d075df7eec8e6569f3b9532c78bbf292da53ec6bb7f88e8049924ee1e75d99a14b066b69859dfbfc4b2d55fa5f36cb3dccb019af5de211da5310f361ba7ff72d05976f447a884cfa0fd82731c3382575ce5c72146e65f77148cff4e3b1050145022b5cf74c86dcebdb632aa271f9df5b5484eddb91421328aa7a28134d53b037d200e1d7b794ea76ac41911627f259727a3deb437de93a53c536e3fc9aa5"})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5441, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x26, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x9, 0x7, 0x4, 0x8000400, 0x20, {}, {0x158f63bbe5b379fe, 0x5, 0x1f, 0x1f, 0x8, 0x3, "b2016aea"}, 0x0, 0x0, @planes=&(0x7f0000000000)={0x3f, 0x6ff, @fd, 0x5}, 0x3, 0x0, r0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae8a, &(0x7f0000000080))

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5450, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x80800, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r3, @ANYBLOB="01000000000000000000110000001c00090003000200ff7f00000800010000000071080001003f000000fc0004002400070008000100030000000800020004000000080001000600000008000100002c0007000800030002000000080004000200000008000200060000000800fe0000000c00070008000400090000001300010062726f6164636173742d6c696e6b00001300010062726f6164636173742d6c696e6b00003400078b0b2f409b024a299c5606f2e615090008001d000400000008000100110000000800040020000000080003000000008008000400534c0000050003004ce70000140007000800020000040000080001000a0000002c00070008000200060000fb070002000100000008000100200000000800030004000000080001001100"/309], 0x12c}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x401000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x17c, r3, 0x513, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x18, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0xe575}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0xb0, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5ce2c19e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa4e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}]}, @TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_SOCK={0x18, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffdf6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6b}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xf61}]}, @TIPC_NLA_BEARER={0x3c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x80, @remote, 0x1000}}}}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x40}, 0x80)

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x60}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r3, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x3, 0x9, 0x0, 0x8000}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x800)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080))

23:32:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x28, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5451, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  796.864276] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
23:32:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x29, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  796.915116] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
23:32:18 executing program 1:
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x401202, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x3f)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
ioctl$TCFLSH(r1, 0x540b, 0x2)

23:32:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5452, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2a, 0x0, 0x0, 0x0, 0x0, 0x0})

[  797.184843] kauditd_printk_skb: 10 callbacks suppressed
[  797.184903] audit: type=1804 audit(1578871938.317:2900): pid=13525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1253/bus" dev="sda1" ino=16795 res=1
[  797.256294] audit: type=1800 audit(1578871938.357:2901): pid=13525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16795 res=0
23:32:18 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$LOOP_SET_FD(r0, 0x4c00, r3)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae8a, &(0x7f0000000080))

23:32:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x545d, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x818c80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x1, 0x87, 0x39, 0x0, 0x0, 0x84080, 0x4, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x3, 0x7}, 0xbecfa30bd756ae9c, 0x1000, 0x9e, 0x9, 0x80000001, 0x8, 0x8001})

23:32:18 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:18 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5460, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'])
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
fcntl$addseals(r3, 0x409, 0x6)

23:32:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:18 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x3)

23:32:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5600, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  797.575400] audit: type=1804 audit(1578871938.697:2902): pid=13557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1254/bus" dev="sda1" ino=16814 res=1
23:32:18 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000640)={0x4, 0xb, 0x4, 0x1, 0x2906, {0x0, 0x7530}, {0x5878ff08cdde7bc8, 0x8, 0xe0, 0x40, 0xd6, 0x3f, "15424d59"}, 0xff, 0x1, @offset=0x4a30, 0x7, 0x0, <r2=>r0})
ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f00000006c0)={0xa0a6, 0xa, 0x4, 0x800, 0x8, {0x0, 0x2710}, {0x0, 0x2, 0x5, 0x7f, 0x2, 0xa, "858aa629"}, 0x6, 0x2, @offset, 0xe517})
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000007c0)={0x4e8, &(0x7f0000000800)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000740)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
openat$cgroup_int(r4, &(0x7f0000000780)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0)

[  797.672945] audit: type=1800 audit(1578871938.747:2903): pid=13557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16814 res=0
23:32:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5601, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x80000, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000000000023834f4596b6b661e0597e0cec69f251a7db75b49f148db5fd42a7e6e8bced4cc81a80d0fae0ad0b795052ab382c1d3c8cdd45338a73a6e097af07feaefe52bbbf80a0d8d1708d59c22e30ae92dfaaa576c0046995d0741bedc48c8e301b16d988200000000000000003adfa6ae0000000000a8fe8e15f5dcb4066e9a506b1a7f0b6bcadf5e9f4dde4119583ae46ab14ef82a846f78a4cc73e519f49a73e4e9c015895bbac198425586e83c8bdd350ea28227da2e6ef1bb4f08e5c1a7"])

23:32:19 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:19 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x80, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r1, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x0, 0x8001, 0xdb3}}, 0x28)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000040)=0x1, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000100)={r3, 0x7fffffff, 0x1f, "550ba7c8fe40df1171c7b36ec87875b1c744723d7e7cbb43a5d367b0318ee79e4ed18056204c4e5b31d23876fd"})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0xa, 0x1b, 0x0, 0x0})
ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000000))

23:32:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5602, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2e, 0x0, 0x0, 0x0, 0x0, 0x0})

[  798.081094] audit: type=1804 audit(1578871939.217:2904): pid=13600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1255/bus" dev="sda1" ino=17105 res=1
23:32:19 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x2, 0x3, 0xab0, 0x9, 0x7, "5e8e7b79794f98fc"})

23:32:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x2f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5603, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  798.217342] audit: type=1800 audit(1578871939.217:2905): pid=13600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17105 res=0
[  798.248540] QAT: Invalid ioctl
23:32:19 executing program 1:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x10100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='<\xee k~\x1aS\x95\xd7\xe0b\xf1\xd7\xb5\xfa\x03\x87l\x1cRKh)\x85\xdaEN\x12\x11T\v)\xb4\xd7\x8a\xdc*\x9e[\x05\xd0\xe4\x1a\xf4\xc7\xd4@\x9a\x15\xdd', r0}, 0x31d)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f00000000c0)=0x9)

23:32:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5605, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x30, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000080)={{0x3, 0x0, @identifier="256247671d16b67809f8365e40c3912b"}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x204880, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x80000, 0x0)
ioctl$IMDELTIMER(r5, 0x80044941, &(0x7f0000000180))
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={0xffffffffffffffff, 0x2, 0x0, 0xfffffc00, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x5000aea5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b03bfe2723f6c21a0a4c01116e764a91201c302189c812afb309fe3c0e2e7f0800e2e5da5f1d6d7b0eca6a747c5f4c5c79a5ed0fe12bdd64ed0e8005ccaefb1514a413109344c1297f4157afc24aa0afaefb87d92c09395c8caf9d032574d9f9f460fcdd671829fdb013ff4429a3394cc7012d5fa9d942a4ce86c8bcc046d40b9deb4053bb7594fb336fe2564b748cd559f423c17e105c0c76e94931a1978933068a1c350abe9356fec508c5937f7a5fb256a44a73a8bd29a5eb24ca76c142c00b01c0a2932f2500500bac473b5563bf0fbbe65839a95ff3dd634ead4981a7c8268e208af7df39ea14dba211d354f38b5eae88a354342c107016e386a784eedcd35abdb6b153315998c25941b07de0ac1c8a60666ee2b0f4cb0841917158541db8781a16e06fae7138f35b5e8c38a1fd89b6b64eddddb1c84474af6b20f136fcf89e199dd87bc269be40264f35e2e095565d7c3facc57e526c0122d5f"])

[  798.490660] audit: type=1804 audit(1578871939.617:2906): pid=13631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1256/bus" dev="sda1" ino=16797 res=1
[  798.559081] audit: type=1800 audit(1578871939.617:2907): pid=13631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16797 res=0
23:32:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5606, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x31, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:19 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x0, 0x0)
ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000040)={0x0, @bt={0x400, 0xffffffff, 0x1, 0x4, 0x3, 0x2, 0x7, 0x3ff, 0x7, 0x1ff, 0x3, 0x9, 0x0, 0x80000001, 0x10, 0x2, {0x8000, 0x19cb}, 0x1f, 0xbf}})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x1ff, 0x200000)
ioctl$TCFLSH(r1, 0x540b, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x8800, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000180)={0x3ff, 0x9f5, 0xff80})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r6, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r7 = fcntl$dupfd(r2, 0x0, r6)
ioctl$LOOP_SET_DIRECT_IO(r7, 0x4c08, 0x740bf092)

23:32:19 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x32, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5607, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  798.969218] audit: type=1804 audit(1578871940.097:2908): pid=13672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1257/bus" dev="sda1" ino=16820 res=1
23:32:20 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000040)={0xa30000, 0x2, 0x9, <r1=>0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x266d274953d8c5df, 0x1000, [], @value=0x8e}})
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000080))

23:32:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5608, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/enforce\x00', 0x40000, 0x0)
ioctl$VFIO_IOMMU_MAP_DMA(r2, 0x3b71, &(0x7f0000000480)={0x20, 0x2, 0x3, 0x8, 0x65df})
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
recvmsg$kcm(r3, &(0x7f0000000400)={&(0x7f0000000000)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/91, 0x5b}, {&(0x7f0000000140)=""/186, 0xba}, {&(0x7f0000000240)=""/60, 0x3c}, {&(0x7f0000000280)=""/212, 0xd4}], 0x4, &(0x7f00000003c0), 0xfffffffffffffffd}, 0x40002143)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080))

23:32:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x33, 0x0, 0x0, 0x0, 0x0, 0x0})

[  799.110747] audit: type=1800 audit(1578871940.097:2909): pid=13672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16820 res=0
23:32:20 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5609, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x3, 0xe, 0x80, 0x0, 0x6, 0x81, 0x0, 0x1f, 0x3f, 0xfe, 0x7, 0x3f, 0x0, 0x4, 0x10000, 0x81, 0x1, 0x5, 0x0, [], 0x3, 0x7})
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000040)={0x1f, 0x2, 0x4, 0x0, 0x400, {}, {0x4, 0x0, 0xff, 0x4, 0x7f, 0x40, "a156d599"}, 0x8, 0x4, @offset=0x7fffffff, 0x20, 0x0, <r3=>0xffffffffffffffff})
ioctl$SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, &(0x7f00000000c0)={{0xffffffffffffffff, 0x2, 0x2, 0x0, 0x6}, 0x9, 0x9, 'id0\x00', 'timer1\x00', 0x0, 0x0, 0x1, 0x2ae7f888, 0x6})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCFLSH(r4, 0x540b, 0xffffffffffffffff)

23:32:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560a, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x35, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x36, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
gettid()
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000100)={'HL\x00'}, &(0x7f0000000140)=0x1e)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000080)={0x9d0000, 0x604, 0x0, <r4=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9a090f, 0x4, [], @p_u32=&(0x7f0000000000)=0x200}})
r5 = getuid()
prctl$PR_GET_TSC(0x19, &(0x7f0000000180))
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f00000001c0))
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x3}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06eef3482195bf3914c67d4dbb00003150b45241d6764f76c39521b1d408014800"/106, 0x6a, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x34, 0x65, 0x0, 0x5e], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'FILE_CHECK'}}, {@uid_eq={'uid', 0x3d, r5}}]})
ioctl$SIOCAX25GETUID(r4, 0x89e0, &(0x7f00000000c0)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, r5})

23:32:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560c, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x37, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560d, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000002000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001fc0)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000002040)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000000)={0x3, 0x40, 0xfa00, {{0xa, 0x40, 0x0, @local}, {0xa, 0x2, 0x0, @ipv4={[], [], @broadcast}}, r4}}, 0x48)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000002000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001fc0)={<r7=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000002040)={0x7, 0x8, 0xfa00, {r7}}, 0x10)
pipe2(&(0x7f0000000180)={<r8=>0xffffffffffffffff}, 0x800)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r8, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x4, @mcast2, 0x40}, {0xa, 0x4e20, 0x5, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x3}, r4, 0xda5e}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000000)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}, r7}}, 0x48)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r2, &(0x7f0000000200)={0xb, 0x488, 0xfa00, {&(0x7f00000000c0), r4, 0x3}}, 0xb3)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x2, 0x4, 0x9, 0x0, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x1, 0x1}, 0x3c)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r9, 0x40106614, &(0x7f0000000040))
r10 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r10, 0x40405514, &(0x7f0000000080)={0x3, 0x5, 0xf8d, 0x200, 'syz1\x00', 0x3})

23:32:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xf4ad, 0x92000)
r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ocfs2_control\x00', 0x200, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
connect$rds(r5, &(0x7f0000000140)={0x2, 0x4e23, @multicast1}, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
setsockopt$packet_int(r6, 0x107, 0x4a507be5cfdf270b, &(0x7f0000000180)=0x2, 0x4)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000100)=r4)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000000000006000000200100000c000000a35d007f06000000010000000300000000000000000000000000000001000080070000000200000000000000306f000004000000030000000000000000000000000000003589a80762f9ab071ff0912acae7f6a1de1182e7ddd25651fca09383ed9239b6f14a9277860eb9e1e064d192c0a6c3bbfe19d9533775750caf453929f4d12a9e923e3868635a7bce9a8bc4be0e9f89d8abb8fe667c4795002849ba50291f9d0440854bbd49ef29c7f279c1d7c5eb5fc054a670959be59db79177d94e439c1fbabaf74bcf1f27000000"])

23:32:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560e, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCGPTPEER(r1, 0x5441, 0xa88e)

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x39, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2000002)

23:32:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x78, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, [{0x8}, {0x8, 0x1, r3}, {0x8}, {0x8, 0x1, r4}, {0x8, 0x1, r5}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x42}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x78}, 0x1, 0x0, 0x0, 0x6}, 0x40000044)

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:21 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0xb5)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x14e20, 0x1, 0x1002, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_GET_PIT(r5, 0xc048ae65, &(0x7f0000000180))
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r6, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$int_out(r8, 0x5460, &(0x7f0000000100))
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r9, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)={0x40, 0x200})
ioctl$TCFLSH(r6, 0x540b, 0x1)

23:32:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x7, 0x1, 0x800, 0x70bd25, 0x25dfdbfc, {0x3, 0x0, 0x9}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000011)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x560f, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7fff, 0x101000)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00')
sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x20, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0x7}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000000)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080))

23:32:22 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCCONS(r1, 0x541d)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_STATFS(r0, &(0x7f0000000040)={0x60, 0x0, 0x1, {{0x80, 0x80, 0x400, 0x7, 0xfffffffffffffe01, 0x40, 0x9, 0x6}}}, 0x60)
ioctl$TCFLSH(r0, 0x540b, 0x4)

23:32:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:22 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x5d54, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040)='l2tp\x00')
sendmsg$L2TP_CMD_TUNNEL_DELETE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x45484140}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r4, 0x800, 0x70bd26, 0x25dfdbff, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48492}, 0x392f75f1e8da3b24)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x41, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x80040, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r4, 0xc0096616, &(0x7f00000000c0)={0x4, [0x0, 0x0, 0x0, 0x0]})
ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000040)="841104faaf234267e0458faf95dbcf501d0470806080266d7e78e0af07c6ebd405d9784e0ee65a62a884def34490887d8e26363742dec91eb039296f235dd371ef5528cff71c4856bc472282da18c293")
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x604b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x42, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x6054, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:22 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000000)={r4, @in6={{0xa, 0x4e23, 0x7, @empty, 0x101}}, 0x5, 0x7}, &(0x7f00000000c0)=0x90)

23:32:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x40000, 0x0)
ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f00000000c0))
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00')
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f00000001c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x104, r5, 0xcd2905cbd1a2c12b, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP]}, @TIPC_NLA_NODE={0x1c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffff8000}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9c37}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x5, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4554}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x0, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA={0x20, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1baa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}]}, @TIPC_NLA_MEDIA={0x40, 0x5, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x20001818}, 0x2)

23:32:23 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x43, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x614b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsu\x00', 0x0, 0x0)
r2 = accept$phonet_pipe(r1, &(0x7f0000000000), &(0x7f00000000c0)=0x10)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000100)=0x1)
ioctl$USBDEVFS_CLAIM_PORT(r1, 0x80045518, &(0x7f0000000040)=0x9e5)

23:32:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x624b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000080)=0xac, 0x4)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
write$P9_RCLUNK(r1, &(0x7f0000000040)={0x7, 0x79, 0x1}, 0x7)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x6)

23:32:23 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f00000000c0)='./file0\x00', 0x2, 0x4, &(0x7f0000001300)=[{&(0x7f0000000100)="cd7416e06d7bf495173fbfd72574760ecb4e2268f5377912e12925e47544b3988daa5dd6ee46ee0761a7cb124323a5044db8e3ad070700f69897d745f76f54a97d3dae54b3f28d0f6a187a5460db205f23ab9fb51e27203b3cea663ae157349551e422bd8da9f9a6ca6337f4f6e0a8db810f85dc1893371706475e482afe361eb520db79965917cc3f5d39d0d7bf2e8ec2f4193e890357ef3580ee86912b7ad115158c431255ba7706d85b76b43c6274e959005b14b80e4e012ef3984f42defae2550faae3d3d10bf911ce112ff1faadbcd2e09d145ba1c7f1f9aef3fa803b4a2cce418a6fcb659eaea54b36b780ad6a0ad0717a4188b0ee7280d560df7cc1610b69a73592d80e1ff98df9eb5d3c3a3b50d5886e8c69d184688e16305e5996f257e09342c89a4a382d42f3a6a10e94abfab8eb94d821612f4cbc1d29bcec803e108a337d4d88aa4a4389676f36e88a2d0e49de37ee97ca669db27a61f2e3e984bbdc5b47507218e55a4ff3416d717d7b51a5936db4b88abb003aa193dd8b76ba35dd4b649d05aa108d9c0b7e4382ff5c39a660c79bc426b0dab4903abb18660e050b2728aff41eb63b016f1c797aa7b5d5c144ca29bbf14fdd3254f96b4b45a63b11056c8330fa812beda2a063e91223896a67bfa0af16b8330c9511b9489bf0260241a055082fdd9e518f07818ac5d66cd8b5f2ec39c87dc469eaf8ab484e0a07226bfcd23b422d80235db72c6e614ecac986c843165d9dbdf579d8e1c429f68d3bbba62937cb24f3bb4fa2493372a75df2ccea837034ec060c4d1a9e08fe1f4f2033567ad0746107e65eef1058340746d5cf581898509bb4797d11f0dd6d58a1252a4bb3e22de2a55d899fd668f1b4d2dd44517fca84fa0e7f33688520090b26af7c81b4a2bfeb63cc4de4b68290c372188a536b9efb43a865e102ed972c7d9ae8fa13ba29d391c95409f115dc788ab9a5c14650d0305ba1a13c5073ad10f899f87ed2732262bbb215264bd91327c6b6c0ee1d00ba4801c98a35cc9f9908c74365e4fe19b87c55156cdc6cd0e8d65ee53f40cba4adf7655d8cd72132fb5cdbebf81cc848a7b1ce5620e09e340dbc3763087d7fb5e08a435c74bbacfa0a6944a3da746a9c142256af8b06a8c9dc72e5c96dd9cf01cafebc1da2ae4923857e9e769e7c3bb5e90fe2915242049b4c7308f0c19b74de2abee7e2dd463d6cd2ba4071ed0a623027b74928ad64db4e2b18bd2e2a93b6b584679670bc8ee8f96c5b489566200debca02b23c0226d47719cc04c3114454a316d20ba881f509d037c1a04da696d8db16e83fcc0fd418eb77c43bc6781fe9ab858f714343b6fbd5ff60336714ed12b968b58aaa94e3aac1f129619d2d65328afdde62f654a803d74fce5ca402248b23abcbd59ed408794e9ff6416da42c7fc23f68560aa6a6988437f6dc690c68f0c0c2643366cca9519bdab0319c30c3458339f68f00aa1a4be97ab4f849697500afb062b630fe151e960c2ef3ae0a991419b2cc5562459cc0f165cc98e70a0e2fd831a89d0eada92fd4e95bea772c9168757e66d34c7b4bee4de9577a2a5bbd6db020583f0a3f9472acce20840af8b64d788ec5743fa28546a07721a6f9e9d0bded80a95b51bf5fd81c6c14b83a6151a37e1fb609be891dc5dc75391c25f767be241877daf206700662053f07761dfeaf702bb19db84a20c5f658d06660f0c4d3ccd86735cfcde38d64c6b33311ab656cdc3e63c40addfd68cbcbfc4f1119ae1ad549e9412e43385f86671341752e55902a1fee733a7fd7f5107b1c902a68b7e7a996d131ab1397bc74fdc1af822b53b8c0f01d05d4a31d1dffabd24a2a1b023668e6f5a9a427f6f35f10406ab8378775bbf7b12b4066cab4b89ed471589208b2cd9508e2c23fb16da9c8c3b1d828d6b2ddcf96062ae6cedc2a30c547e393f4d90f274cbcf42c197ffb0a21bb82a8da734d3a64b4b3c6ec8e7c1512c35f7f6252629be57500454a4e22125ceb13d2b9d288ec3dc7fd0009835d9a0a8a57b79c068d8d02475b018eb9124f7e29ddc06b46e8e3ff59b73844ddd81c46b1f5817f2fd72775da4a1d256ef10f16fe91f4a77958336ed8f25db6dcfac00f499931b95136def0a0c731b2758297cfbf61556e5130a75592c2244c0997480860e70c0630a7135ebb820f98c36dd5b6e2094a52626c38071575620f6dbcd53028c46f3d0c21767bc79ab74ddf0e280d7077904d8c344648ebfd4d2bcd432d6de46dddc3aa2086cc500049df1953afe042168512cbf235ec138868d736a59fa52dbe411896754102fdd3d33769b6db626277a6d9781306b64d670e7803f9b0026b24f8a88923b0f095b2c8e5829baa09c0cef9947c052ff048ba9d053cb4eeab43f622029103308a4b74a72fde6db88582b6e91f1285f3604fc3a6f0dba369caa9849b2d1c6740220a994cabf0abf8a150a9abcef7be9c9cb47cd063c6e512b50fe862b195fa018ebf975135d3480e794aaaead53770ece8ae2ae4f68eeabbb4f4b6c913926aa7814798332aae0fd74f7e7de6bb775b59b01605a3d58e1b3e3c16d3cd1d1e3ad46ed7e358f073346f0841d42adc1a4a843a86a5982018aa0b781e8a26aa22d61e88772f36acb234566fe213c26eeec90efa07cfd73ff0946f400aabcd6cbb61c467982720254b33664f275811f9d9869347d7a0f0f0361589258c7d79dd415e09b05a755d01d7133a1bbaa3ac6d6380d5dc31fb7c7d9e206f1c6152d7ab61120d11b2876c0aaf0477a0846bccd5df619a36b43142835a0f32ff6815abc32f39d2b0547cdd26ebe5c4244d515e0f7b56cbf4d6d085db2706bdbc00cf0cfe3192a3129cf9c71f85d941fdc9e2a2343a8137c98cbfa1d5936e5399d00147f162c4733443b0b89e08de69e591b5220ffb7569013980dc1102cb558845fffd16929fd033fb332b12c69d323dcd0b7b467651a9ac60349934ea3443b9a2738d7b12f93a2401b7570da3b07acad974f877daca2cb04b9b7b4044fa3cb756ee19f2150127c97d16679aadc64a524954fd30d9f469d9dcfb368de120648f1497951d1b4f025be18feecfff5f22f99d1cca051188a7f5ada7a12a4505801e889866578dea4d25dc7bdb96d04d01b232e665a29e97fe20991b5ea2af4faaa55ec584624a216497098769ac3a367195770fef23d635ef1f1763f4e01f9ce7304945f9e7332b4760a69fb60876d20f7d8af96388036083ebcc39ff03d3748485f3ebe534386a0b823d33ef7f424cf3d550b92159765625c2f7eaa0944172a912692de23e763b98749b852bcdbcfb6ca531f0cef4d42f3b84b0cb97f1f8d952422530bc104177e06944b16a6d7df8ad8e638d48c5ecffe1e94ee6aee6f85f646f81a2888be2824b73487fc62a4f1b4abb353daa914e6eb23ecf21ecf6b6eb02612617721b6bad6240bc35ebaac15129a6643f73af68a08a89007ab0077a0ad74183c3c7eddc30111e24e454535e9b7463314a0655209ce454f5b4bacb2a408e0b5d0053210462fe9747b941aad6169ed1fd70bf5ee9dd683c38fa78a0c1c45cfe12f0ec3081e0e64a957564ccf459b7a2d3f6b25d680807795c231c5429e6ef70d061a5c49a107236733844ae084a1409f1bfc0c495d3a1c0b47fb64a8e754c5cebfb7c509348067a3ed4108c7a0697f663c73c5e9542306e45216153d37ab76d753eef00877841d87e77ea1cca3ad61b24c764f79178406c28e587fedbd0917d90aa7faa896033249a0784b7c56144f624a4b284004b8385f42590c9f5a4a48fbb32533c301ea2ad72fb33b293e928d06ca15ee86c145ac2755669d5de050acc19f2ba86a8a2c48c40588754b7f5d5b1b67c3ba1b708e05dbaa024994d9b53cb524b3d1b564866626b5d4e67927593d8605a302c156d3bdb927e4723cb3ba6b368938edaadeb384acb26c977ffe3bdf91bddf6feb929d594f2369faad175783f3b3a4d4048b52ee4f537baeda22a9822573504445b99310b52d1dbf4fdb2ef73ce75220be6fa6aab471e2bf181000bc36bda1f538682681edd33b530286236e13c5daf6f8adda3d70dfb29d726e2f84266d9c6f2600b630e127e7bbd904fbfca070afc9d619dfb7e9f1864ca4acea6e237b104f500af232b0f3a9bc6296e74ae2307e328bf98c01f0b1ff24dc4624ad6808927276c6ca3527809ec2b8be52b4e0029b19f604c7d9e74e0c3e7cd8b936e5962b7a785898c1372ef3f7fb31c6557543e071d23037c29dc80cb73b597578908fcdc8b8a088735835753055395d7b9efd2759bda78aef8117e290875f4e10bf2dc43f67b387539c47c2e4482d62441bce2cbd22ecb47fa784789fe4546d8aa89418f6ddc2d0a2498af03e42d3035f623ab5609a65a3079c5937bb10b9c84ede38ed30be84e36a3a5c0beecb5ddff1db3570ba0346ccdfe9342ffa989df050ad7eeba17789157fffb294f52be1553c9a40c9e6103d242d747562d8408a558b18ac8cf9170035db0fe5663f23f962a92ddb402973e072a61001fc716ccc165d7755f65796bf00705406c72c6c77ccfbf146f89af9fae4422ca6326b7666201501665204318a1b9a683fbde9eb85f092419d80c4107b9ae261bf7a604e1f8128afb06c20869a788704f6d49c118592612bb5b390da92cb6f931b609e6ee7b65445b4dbbe2af343a234e7b53070d7fc1fbfdad62eb9940c4b5924bd0e53a5788dabef88483da0e28029b9ce0d79a99112bf6c65de6b6438f7582e717965ac008955053d76c76e236c3f70cb747edb150ed80716981f7219802ca6f38bdd073d61bfba955c5ca0a00c03432ecd11e021f4044242f03cca7764c37b516f17c5738abfea950fafa34de94a8234b2b37f8182726acd3b58cdbaea5ce2a47e4f34a59956dfc08891aa7260795b54ff07803a2a13424cfef560ec71400694498a8c0bf3698da62eabb03bd56a04621b706262d085a120382e1131f58bee7c5286c5e4141d61dce0df12ae4bd61b7bed07355a63591df2f82a129c6938f41ba0e23622fa79ce383a5794d7f2f031de295cc1ac9666d0ded1b2f2dd2af0311622193a1ee1a5db555e875255337a4d1cb84019fafdc19c515a786563705826610966ef1221a27d351e7ef3e7912ccd5ec6a2b317af868c6efb2e425db474120152c3ccebc42c9c367e4ba6c5b5c7ff8b4ba94f5b493fdc67c849011047907be313217f7aca981d4920c30d6cb0efc3b994422b24d5b5655b2f7542baea42824d556c7bce5fbb6fab8bc03c37e54668d17fdc1f2680ded789d3cf6e8a5b94a945fd9d07d0d7990ef3c4781ad0ec23e50bc02aefc896342363c65bdfdda04adcdca295c5fd7b7d129a374863fc31dae22da05bf97f11ff5d8b50d151b8ce4dd29cd8b91d82c1c95f7589a72a82e06000208828bf321431626932354bd6f499229d449f7ce6adfcc8e5105bce8d355abe2af1a809dc507f36af75ca1244c6e2f4bd5ac7c1329abe2dbcd7e4f0fc68672cc2728ef9503de7561e0fb13a537aac9d6bcdbe69076d54623a89fe61f4829c2942822abfdcabaf02caf01247e22eda84fddee121cd0738b82495692b8139f16e895cbcb2922a36fdeba484fbf4c4df513d1f4052a489eaf2ec228da8befa5b0df6bc20818a9666d1f7cafde9bc648c39e4be770980e63b7433e6746f7a8daec36667ddbefbd519dbff208eef8fa45775541385ae7a7880c9330369a9c918328f9f902217587fd64a4de304f34e59248f606ce50192d5e1cfd62cfb53b23229a2c19458e33796141", 0x1000, 0xffff}, {&(0x7f0000001100)="9bb1424a29ba1e78104e271114108fb3e0db6f24d7c4f1cf113219dc40923d700a1c79c2df9b24c278e88786e2ad25ee1b49012349bb8a125d6ea815a356c82ddb4b8a1e", 0x44, 0x7}, {&(0x7f0000001180)="92d43bc7ab6b89f5aff7e3e3333fd7ccb9cf4c3a25b6bcc49a1828704515252778b6c7be73d3df8dc1f8e938a12ad0accabd9606277e04bcee434a76c1c6a987c9d11823e27efc2680", 0x49, 0x800}, {&(0x7f0000001200)="30c6c60ba890c55a7329d503361c39f845417758dfdc252c0b2a33c7ce794a70b0991d687d7588983f2630cb22dfba06f681119a63eba843fdddbe8b85614840b9a8fd4fc1be07713df81d61e1f3ce884b205ff3c8c0b8261bd7b93958b85bf46db7f906e9c39bac09517dac695cb7fcfc7f2c474aadcbae6bf15adece4c0216c2de5add3d3a46dca8ee95439872dcfaefb41776cab46ae2d474d9cf8e04146bbfd6f379ac212e3fdfb2e2acd017d61ca359d1b0663eac6253c5541c5b17b9dc67649cf563575f8fc3723438fcc09f0f7a2eea", 0xd3, 0x6}], 0x40000, &(0x7f0000001380)={[], [{@obj_role={'obj_role', 0x3d, '/dev/kvm\x00'}}]})
r0 = syz_open_dev$vcsa(&(0x7f00000013c0)='/dev/vcsa#\x00', 0x3, 0x900)
connect$tipc(r0, &(0x7f0000001400)=@nameseq={0x1e, 0x1, 0x3, {0x10e3e9967f97e2a2, 0x2, 0x1}}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x208100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

[  802.191013] kauditd_printk_skb: 13 callbacks suppressed
[  802.191030] audit: type=1800 audit(1578871943.297:2923): pid=13922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16830 res=0
23:32:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x634b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x45, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000240)='fou\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r5}}, 0x20}}, 0x0)
sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x41000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="f10352bbce66db8b1ce1d33c4c1f00000065464edf975504ec432d14926f39c585f5e528094c6b1eec2951794170258e6c4766ca81ab94484eb9c28605ace35963a1169db82e2852418ec4f862f677fa6ee3f81980866345e205b9342a4bfdc48ce50e75646ca306f50aea02bdd6e54f34823c3dec8ab1ba75bcc3bc49da98965bbb2beedfcbc216c8b51ac1ad8c9c93500ca2e852c24f2b", @ANYRES16=r2, @ANYBLOB="08002bbd7000ffdbdf2502000000088eab142b050404000100000008e952255e1e7510c6348162", @ANYRES32=r5, @ANYBLOB], 0x5}, 0x1, 0x0, 0x0, 0x4000}, 0x20020000)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
r8 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0x141)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r8, 0x84, 0x70, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x2, @dev={0xfe, 0x80, [], 0x1f}, 0x5}}, [0x7, 0x7, 0xcc9b, 0x7a, 0x3, 0x2, 0x0, 0xff, 0x5, 0x2, 0xfffffffffffff001, 0x3, 0xb3, 0x1, 0x3]}, &(0x7f0000000040)=0x100)
ioctl$KVM_SET_CPUID2(r7, 0x5000aea5, &(0x7f0000000080))

23:32:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x644b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x46, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x654b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:23 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000000c0)=0x22a)
connect$ax25(r1, &(0x7f0000000040)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x5}, [@null, @default, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @default]}, 0x48)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)

[  802.728067] audit: type=1804 audit(1578871943.837:2924): pid=13967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1265/bus" dev="sda1" ino=16593 res=1
[  802.836482] audit: type=1800 audit(1578871943.857:2925): pid=13967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16593 res=0
23:32:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x47, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x664b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x674b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x48, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x331440, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB="d3ffffffffffffff"])

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x684b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x49, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x694b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x6a4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  803.512144] audit: type=1804 audit(1578871944.617:2926): pid=14016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1266/bus" dev="sda1" ino=16785 res=1
23:32:24 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00')
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0x405, 0x0, 0x0, {0x7e}, [@NL80211_ATTR_WDEV={0x0, 0x99, {0x8001, 0xffffffffffffffff}}]}, 0xffffffffffffffa7}, 0x1, 0x0, 0x0, 0x40044}, 0x40000)
sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="00e92200", @ANYRES16=r3, @ANYBLOB="000225bd7000ffdbdf251a00000008009a000000000008009a000200000008009a00000000000c00220008000500000000000800010003000000"], 0x40}, 0x1, 0x0, 0x0, 0x24000880}, 0x800)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00')
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, r5, 0x405, 0x0, 0x0, {0x7e}}, 0x14}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8044}, 0x20000041)

23:32:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x101002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

[  803.617902] audit: type=1800 audit(1578871944.677:2927): pid=14016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16785 res=0
23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x6b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  803.691518] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  803.720577] protocol 88fb is buggy, dev hsr_slave_0
[  803.725703] protocol 88fb is buggy, dev hsr_slave_1
23:32:24 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x6c4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  803.815207] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
23:32:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f00000000c0)={0x3ff, 0x0, 0x2, 0xfffffffffffff530})
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:25 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x6000)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x6d4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  804.061357] audit: type=1804 audit(1578871945.177:2928): pid=14057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1267/bus" dev="sda1" ino=16863 res=1
23:32:25 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000000)="a7b7121c586731926b16e072b0953d02ef3d3d8b7422b5efd82faebe65e9bc65ad0c0bd4314a2c56d0ce1f765a2fe3d088d3f7e389da2ff92f24a3faf9d300066ca25a819f4ad5297bc85d320867dd2260303b6cf98c532a9787efbe2eb87d350471201bbd387fa1d2b3a948ca84d70bb02027e9843f06fb699b0da65ecc04a453b0bb3a16b67084dc7e59ab028bc6e736971fef2102963428befcf163d60666c4127257c066c15b3ec9b0d1be9c2c39432a238a663beffd7dfb606386f533e78feabc7960785be5e292fbb09f68b770e5408e3d7cdffa6617ab1b38796014e7d094f99e950619d588df24f8caeb96d933eb6cefb8", &(0x7f0000000100)=""/10}, 0x20)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa\x00', 0x40, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f0000000240)={0x7, [0x6d2, 0x1, 0x2], [{0x3, 0x7, 0x1, 0x0, 0x1}, {0x7ff, 0xfff, 0x1, 0x0, 0x1}, {0x63, 0x0, 0x0, 0x1, 0x1, 0x1}, {0xffff, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x4, 0x9685, 0x1, 0x1}, {0x6, 0xfffff443, 0x1, 0x1, 0x1}, {0x0, 0x4, 0x1, 0x0, 0x1}, {0x5, 0x8, 0x0, 0x1, 0x1, 0x1}, {0x3ff, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x7, 0x10001, 0x1, 0x1}, {0xffff8001, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x1f, 0x93f, 0x0, 0x0, 0x1, 0x1}], 0x7831})
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ftruncate(r3, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r4, 0x6430)
ioctl$TIOCSBRK(r2, 0x5427)

23:32:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4d, 0x0, 0x0, 0x0, 0x0, 0x0})

[  804.153193] audit: type=1800 audit(1578871945.227:2929): pid=14057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16863 res=0
23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x704b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x714b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="00e91100000400004682f3c42d1ea8916ce239c31dc09f820a1759be9106dadd4c354b33f53d05922e0b091de1ead5b857907654531e4c6ca13c"])

23:32:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:25 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000080)=ANY=[@ANYBLOB="01000081161196e1f0227d825aa30a7ef3bf674d2b26e571e7b97836f80f12f5e27413201b2f9be5d695f135a27e4f5112e5648bbe9b872754ff133cb4e57da933863c1ec6ef5775c46d51f1180a51aa561deecb81704e75c0e9b9cc769d59c41f5a329d090d82dd1b1c1d4ea8a83e8e5cebf1f64f302cdc1c066ecaaa4a00"/138, @ANYRES32=<r4=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000000)={r4, 0x10}, 0x8)
ioctl$TCFLSH(r0, 0x540b, 0x2)
recvfrom$l2tp6(r1, &(0x7f0000000140)=""/96, 0x60, 0x10000, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast1}, 0x20)
socket$inet6_dccp(0xa, 0x6, 0x0)

23:32:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0xf2ddd3055d3a3bf9, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0xc00, 0x0)
ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000100)=ANY=[@ANYBLOB="00eef70020000000526a9d398fee83d31d326f7ae068b9c67f6396a03b038050c9489493f16659a4c1a4427c9905f97ef4016633847305405081bd8134153413cd900c9b7d9cd877e1ccddacc7dd9759a8f5e04d559c03d57a74fbb38a2234"])
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x7fff, <r9=>0x0, 0x10000, 0x7fff})
ioctl$DRM_IOCTL_AGP_UNBIND(r8, 0x40106437, &(0x7f0000000180)={r9, 0x9})
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac13ffff", @ANYRES16=r6, @ANYBLOB="010000000000000000000b0000009801050007000100696200000700010069620000240002000800040000000000080002000900000008000400020000000800010020000000e00004004c00070008000300000000000800040009000000080001001200000008000400ff7f000008000100150000000800020002000000080001001e000000080001000500000008000100120000000900010073797a31000000000900010073797a30000000000900010073797a30000000002400070008000400360200000800040006000000080002008000000008000300050000001c00070008000300f700000008000300ff7f000008000200050000002c000700080001001100000008000300030000000800010020000000080002000300000008000300080000006c0005000800010065746800080001006574680008000100756470001c00020008000100130000000800040000100000080001000300000034000200080003000400000008000100060000000800040000000030080004008000000008000300bb040000080004000700000014000100080003000100000008000300000000fe"], 0x1ac}}, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
fcntl$notify(r5, 0x402, 0x180000003)
r10 = socket(0x14, 0x447cd70e11de6871, 0x1c)
r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r11, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SCSI_IOCTL_SYNC(r11, 0x4)
getsockopt$IP_VS_SO_GET_INFO(r10, 0x0, 0x481, &(0x7f0000000040), &(0x7f00000000c0)=0xc)

23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x724b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x4f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 1:
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats\x00')
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendfile(r1, r0, 0x0, 0x7d)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r2, 0x540b, 0x2)

23:32:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
sync_file_range(r2, 0x28, 0x80000000, 0x6)

23:32:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x50, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="0000ef0000f90008"])
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0))

23:32:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xfa4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  804.689723] audit: type=1804 audit(1578871945.797:2930): pid=14104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1268/bus" dev="sda1" ino=16870 res=1
23:32:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x51, 0x0, 0x0, 0x0, 0x0, 0x0})

[  804.835975] audit: type=1800 audit(1578871945.877:2931): pid=14104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16870 res=0
23:32:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:26 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x8, 0x1, 0x80})

23:32:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xfb4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:26 executing program 0:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x40, 0x0)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x1f, 0x458, 0xc4af, 0x732, 0x1, "8b2db67f5df0f46e12d66830edd0f0d48072f4", 0x4, 0xffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x8900, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r4}}, 0x20}, 0x1, 0x0, 0x0, 0x88849}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r7}}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv4_delroute={0x6c, 0x19, 0x200, 0xb432, 0x25dfdbfb, {0x2, 0x14, 0x14, 0x8, 0xea2cb5e0f65f03b2, 0x4, 0xc8, 0x9, 0x100}, [@RTA_OIF={0x8, 0x4, r4}, @RTA_ENCAP={0x10, 0x16, @nested={0xc, 0x50, 0x0, 0x1, [@typed={0x8, 0x96, 0x0, 0x0, @ipv4=@local}]}}, @RTA_MULTIPATH={0xc, 0x9, {0x8, 0xfd, 0x4}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_PRIORITY={0x8, 0x6, 0x7}, @RTA_MULTIPATH={0xc, 0x9, {0x6f, 0x2, 0x1f, r7}}, @RTA_MARK={0x8, 0x10, 0xffffffff}]}, 0x6c}, 0x1, 0x0, 0x0, 0x1004a800}, 0x80)
r8 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r8, 0x110, 0x4, &(0x7f0000000040)=0x1, 0x4)
fchmod(0xffffffffffffffff, 0x2)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="4b4bddc0d6c85cf3"])

23:32:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x52, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:26 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = accept4(0xffffffffffffffff, &(0x7f00000000c0)=@caif=@rfm, &(0x7f0000000140)=0x80, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000180)=0x130260, 0x4)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDDISABIO(r7, 0x4b37)
setsockopt$netrom_NETROM_IDLE(r6, 0x103, 0x7, &(0x7f0000000040)=0x10000, 0x4)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/netlink\x00')
r8 = fcntl$dupfd(r5, 0x0, r0)
ioctl$TCFLSH(r8, 0x540b, 0x0)

23:32:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x40049409, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  805.195949] Unknown ioctl 1076646955
23:32:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x53, 0x0, 0x0, 0x0, 0x0, 0x0})

[  805.240089] audit: type=1804 audit(1578871946.357:2932): pid=14156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1269/bus" dev="sda1" ino=16864 res=1
[  805.267516] protocol 88fb is buggy, dev hsr_slave_0
[  805.267585] protocol 88fb is buggy, dev hsr_slave_1
[  805.320562] protocol 88fb is buggy, dev hsr_slave_0
[  805.325679] protocol 88fb is buggy, dev hsr_slave_1
23:32:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x40086602, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  805.385321] Unknown ioctl 1076646955
23:32:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x54, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000500000000bfd9d21a267fda8ef6d1d31281b90eea7ec52f00"/39])

23:32:26 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x4, 0x7fff, 0xa7, 0x7f})

23:32:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x40087602, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="e5ffffff10000000"])
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r5, &(0x7f0000000100)={0x12, 0xfffffffffffffda0, 0xfa00, {&(0x7f00000000c0), 0xffffffffffffffff, r4}}, 0x18)

23:32:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x55, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:26 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x0, 0x0)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000040)={0x11, "d3ce667df5322a9e4d03446bee4519ae90bd7f22c827a3f762b33fce2c701417badd87302fa13f49733ac14aff4fcc287c88665094cd0d20c60edd99bae929c753755791bd9cb17e78543dd6d4f0a8049f29f4dcd0e406d5c888de387e05a43c4ef90460afbff059f6a80157cbee6ba56a2195080fc1ebb53cda30bfb80811fa3d9280e75e86b3eaa88fcd58d6636dc84a09564db0fb488caeaae4b386014e6619f903eaf3165ae11c4f32571cff1cc712b4a03960e665f3ab2a37286d703eef002a8623808493af441f615a9b7883e7164bad0851ac62e40b1812eb8cd100faec828eb9339fd0ac638b824cae4e2fce5d3bc38f1a8d42cbb78a63f86665e9a0673a02f636719d67d49b7e730ce80da1e6313c61551ba74e78b00b8067da273875bacf9f3b6908a3273e656bc65119c788f814505803bd03b9125e791d8271b449927ad3dedf855e7490d2a09f8e807ddb941fe7b9d0b0722327bb55b4d8e9415281e4e61e23062b1c1c85a0823fc8c1e2534ef6a1e544ae57735afdd11d97b1b4e2fbba25b6b3727e50c9daeea812ecbeee233c1e0ca9898df34e6b1673f441b0c90ed57e33181d9de1dffe720c099530254b068a87fdfaf8f2e9af2595fa025b360aee31d6a12a63cb06e0ff009c7c7f1bbe936cb771d51b08885dc213bfe2524a5466b34deeff146eadb9413f1dfac6ef1ba3a28f0fed03717836dae2759e"})

23:32:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4020940d, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x56, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x1d, &(0x7f0000000240)=""/4096, &(0x7f0000000000)=0x1000)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:27 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:27 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x80045432, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, &(0x7f0000000000)=@rose={'rose', 0x0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x5e8)
r3 = accept$nfc_llcp(r2, &(0x7f00000000c0), &(0x7f0000000040)=0x60)
lstat(&(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r5}}]})
syz_mount_image$gfs2(&(0x7f0000000240)='gfs2\x00', &(0x7f0000000280)='./file0\x00', 0x4f, 0x9, &(0x7f0000001880)=[{&(0x7f00000002c0)="e73d2633e25322543f3439bc3d6c51b754ece71a011c527a4713d7327c4b00fdd8a569fa0daa3b2297344146f3a5fa4756a8be28a01fa8a518ff617ad2fbd6f955a6eca3d333d125c86e21d5c49de46e", 0x50, 0xffffffffffff8000}, {&(0x7f0000000340)="8c955d1db86e66d9ee7af3d0c05c075ff1cd3891fca5fef063756680e7f935f6", 0x20, 0xfff}, {&(0x7f0000000400)="11523fa8347eaeccd73b735e1a97bf1a24d0a5b51236b15d926b1868ed4452d36b811a32cdc72291ba89a1e80c91fbaa50a8b76a3062e92eebac83c259881c2f7a48c0c9c57bc8dcee8a70e41b0931d2af7278df0154e1460cb1f22bb0938bfd86a6b8b698368f71ff18ab0c543039a7043625d05975df61721bef57a626ad6d54b47ef9176f01266918c7d3bbb11eb04135d861f5e10e9f3b98ca40cc", 0x9d, 0xfffffffffffffffd}, {&(0x7f00000004c0)="49e5a0614e2ff38c6602b7a4957f5ccb182fae57690c36b2b7fec2161155e04f6cee7c6a5456c02ed881d72cd6cda228e349e840582974b73b7077605689b46833e5a30250af92898ecb8cb6f6c466e056c3f2a51b3f863fdfebc3c12d61e845096434cb7a5f1a2a652e408cf0080a702b4f0cb512fb076405d94d426a9d16c6dbb8b1c5103e747727c947458bb863b01b530fa04da61b5163214b2199bdc9bcd4f0967a523b8ad428aab43f", 0xac, 0x6}, {&(0x7f0000000580)="5054e6656dd1c1e4b82c84594f1dc20a40881607bb3f8184f3644884dd689db0c947825995f7a3574718b4bae3f2c9bf86dde23c7007fb4b4bca2b7283e5384b2e97d676b86f40a3b0341f1d17197d9ca50d1c5d403aff5f19c76f134b5af0bb2eba4f756a1fbbdd47d9433165735003880f938717bcec409cfe", 0x7a, 0x3ff}, {&(0x7f0000000600)="a6a86bfeb4ba7ff821e25d1d0525aca9e0c9a3228a787ca903fb7b0b181f4e50ad6a2ef7c59a6132e6fd15970ae54a1587dde89d1464e0d50600456ade06c6505870d052d113c0c12ed3de4c24d152f76908ad4e44bb511a1e53e6684d0ee3c8addb5116443b154b146b100c214731494c1941c697b2a280b7ffb34cfca67ceb889f63c5bb067eaa70cbd63b60b5c3b300fc2dece5b45ee19690017a547659f1034b0d12ed050e97164cfffa58", 0xad, 0x52a}, {&(0x7f00000006c0)="83e51ccc20b56b09a03cc58d3775940c94f0ee4bc227d69f7cf180ea42f01528132072f860894e9838ccf1cc388605d27d084adacbefd3dac6a3a5a4c6bf136caa9ca644d5c21f776739aec42940f41af8bdaca079175adb6c6857c71c40ea93e1ee03f1fc589df0ec764572866aefc35f564ce11c6d664e41dd136de69c5b19bdfdfe2cc4ef74f281c83edcabb425b9c12472efc2d5335d877f31f1a87ea8e162e9111cc78c7cfbc7aea47825ae9b44058352398a6b9ebe76513ca6decc3bff7c2c6b2f03b23c87b8892b050587c4138ac6c163e71876059715eecda452ac0f891a9b1ae3f073b0cb1805d67b2f505174a87248b24064b4ce692a15555878", 0xff, 0x7fff}, {&(0x7f00000007c0)="8681f20cdcc38cbdc940ba0d629b08a69374646f417677d058bc5f77c6127bbc04eac342cefa1c9a82633e3403a01264a0f40b72502cea4e575a71e88b953656345c9b48fb0ed8c8278d8f70045ba002b3d841a90f750b208c7ba3e4eca8af305224d8986acd7409b0f808818da265ba4e2cb044d1a0325fd7aab03c9c4b27b5c4acfdce4a2e769e4b23714e304cff077998842b1d47b3ccf660772031d56ee00430eb2fa663fea10345472e22ec3826dc9152c6039d2a444801ff5d51aab9ef6be180346b782e6de579420239e8fc520e9671c91a69689a198b0c2c42eedec75e08e6409fb8126d3d5df9e73fb4436a1ad3c5531b36806a70c88fdb96c0242d62a9ba4059906ec4d3de583ec156ccef2da0c2b8a48f650c75c8f3070a0918f32f33d8292b48f5214024929bd87cd62fbc0117b0278358fe301364b98879f90368ec011e60563a8164a45a6c40c6ff67e51fec3d3cfb0e5bad4459b0266f64403e7965781fa3819f117bc7660bc2482b22d30e1b8880f6882922f1680bdc3b9e863ff8e8cad773b06721857c2c7025ee596a51c48e5e9b203bf26847114fc36640285cae6c1161ab8aa201f1378cb0da495cf7086f90f6df9007364386c0dd259c2104d931f361899a95e21ccab8f9fbcc7e4e67d0c692eb6be4a606f2adda7e1b4d721c7d402229bf8c7bce01754c65468ffa8ebe489975574e7ac074bcb00b19be4cea02b67b86eec3011946357f9a7f9e4f980d9490eaf13e0d5bf1fede847859a6c74069a2f0d3362cdb1f810fb0091d017d7bd7577e3bdb3f768b4b2da147c2d892df77d5cda6a35c16f9ed2ec76c93015776d914acc996446907e5a786e8d82cc900c8b8d79b6852bc4b2e16f8b5a2e9a7ef9674da5b71f28d78877f4c15e615dc15a51a78eb6756f4091d41db9292b24914b426cb0ad90a111163c65a4af4b34dd26626c2adca636ca2b151773e82d16c237731ee262d87ee9ae7bd03fe22f561d5e499a7d89888c4e5ec7a2c524d65d67a645238344ad27e67f26dbda7ca4d98954664de0edd33d653f1b554169f788f63300c198a37acada46f56509531bfa0f2bce99dba9e7c9cadade28c9c6b8550882cfbc487ed2053c30024ea7cffd2ba113b02766334414744ed50ec1aea23c031a803bc7cdf626fc9fe486db8ef5da1358e4595db35c37f2bcfb647750d16f3c960e24595367ff2d71e1b907027d45be8e49ee78a22d505c0d3d4d526aa90d05866d52da08e6f5cc66421462c8ecc14f0e4b7b4feee0ccb094fb73b4e2d963d606ea34b8c4f20df6d0221a9c794b0129f4e368a6f65454ad711caac793731ef48e1c1d407077a89dc06f28ff0a4faf00fa4174369ed9393b0e212dfd60d3d7ee2cb6cc3c9c90193a1218a016b4a362faded14b95abac6feee8de0c727f98edbf73066a0d0772444251657f57d734de4a1c5db96bb8c28e439544aa0ad8c392f30e89c79a4f1e2025c8ad27fada145b743eab6955a690aeb0bbcfbf069ca67a381a3276d5a0a3b33f51f6c6c398d07a00053d2c248f7ad64e516638efdb27e1ce9cf039de355f5373bdbdad005c2f818aa45e6d008964fc62756b99a2fc0c0e1f078ce9026987ec6039e574d2fcc72d139fa56a864cc698eddd5142b632d0b48ec4863f3903e64981737f1fefe26c076b4353b4aefe8661acd9cca8e3dc9eb26ecb3fb0021b3cf4c307f97b284a50032b800b85d3d59c3c6b7f3ffa832d94bea87847e72b45c7b0c1b2f2f28c6ebea5323fc44582a20bd0bb1e2fd1d931e934ae4d3b91f9265cbd862b5e82abbda4661421ef3136a33e3c6f6768e95784fdf715cd3b401c4427ac3cbf75749c2a2ee0e13c98f74122db6c8eed7b625cd1277bf1b9523eae02ce872dd797aa3bbb663fce9e681364a8de08e25ab74820bb21c6bd10c6c5cf9f5a551d33b66f9c0bd5270d9d26cbe3b60f2a2e51e67773c8b138044a50a6ebe29e913c64c41359a027bd11df2ee32c467e0c2b4548b7237528ca37a3db7d388c63b338d2643cd1ac1cf41d631dd3e2953bd9067cd7e670c151a89d6977bd1806edb3d38e82d3bb51124d30a8a9b8622f7b88f1f0554be5d157659988d2e58ebacb6892ad9392b37feee3cce3f387d61c027845bd26b7d555c284ac1c748d0a74b002b0dd28cc4b1443133991b5e2884d8afa3e92c616161edca8e4204f2fb1ae4bdc0cde9067f3a7340ef1573161def58d62aa5ded72e56ff20d0d9808d593e14c157e979d8226f034225ad2f4f7ea5a72bd700bd40a19c49925a2d4f8652ad6ed106a57ca1f1f55996be30aca328e822d9dea61edb1486f9ec8359764c11b01d634f2db89d14198142576bfb3a64d8c814f5cfc23caaff01a5fc75455f483cff9bd5e220c0c4ff3ef28df74c00ffca362a204af0b5407f99deb910dacfc1941e8bf96b429d8329042dc4cfbd688368d0340393f1825cfc75f3144bd91ac11ea0bdbc2e7752838acfe7b054ef369225553b945f3f049d594247db843132c8bcc5583ebc4dd16aa415d3dd7ffd1237b80e66cdc8d860c98e9d6a1de6951b80db5324df2280dfe607621f828ffb612f55deaa74b3cd913858865dc77394e6ca796a64f15ad4079d19415243cd1dd8b779fc1f7239e6976c40034e26f9664ee2e3707f8d8ce8e7fc7ce2aad4782163f0869135c87d33121940d4cbf391e4ae676b62e5a5d5fe679eb67508004de9eb5e3f66e65126e4dd6a2790415dec8ee61b91c03af16e4965f76163fe8ee3f67baad61d8ec08056a3cc761ca9c49a64a8faf46f87fe5bb1ea75fdd209b88c7d980a2187c17117d3bada0e3d857269d92b26ad52e3fb4fd5271c5e774710063a0cde29fe637210b9ea8ad5177361ee0bc2bf596089c8bba20c1f5e29831d0d62705b1b7a56c00c3ab4dd7fbe9faa74facf92a6944b9fb5f51416dab37175a7821b3d7794e344e4773e3cfc7ebbb810bd544ddc0b68d54eecf8c83747c22b06ab12478aa1efc0c3c6525dfa418b140b16ee800379282d44c6ab48b07136e841588fd2ba921468baee4949e94770ecd96b1c7ed5435103b183b24c8c80c3e066a7029ebf418d8b84ad2cbe9ed646e181da42297200bdcfcbff074d6e69b6ee8c3c0c8bc2bd983aafafeb0241f4bd2cde69482918a824333d224798260ddada713d8c901dce4e2e1c37c5716eea55632ed88e482884d6ef29b4e7d35b5094f06da33e03efc147b3bd8c7f261e0374bc56668249dec5d44592d17eeac8c8a56badee0a8df58480d3b970e38cb83de294f8dc23057aa773c103aabedde2ad826f67dd7e3763db97df913751108ccdc7bd4fc14439de355011bc37fbc90ce32e0fa8475079a317a0c7145289520b7e22475d3973ce0de3dfab0d9530f673cd1f0b121d4ea78e6a47f005a58f39e61b8f1d7d5dd86b26df7237e999d551ab09c900e73a9b715c80b804d042bb0bd2e94737754d727c082432e75f8c4a45fff11a14ff5a92bc269172f6b6626b4751bc90af55da1feffc414b242297ab68e4ebc8364d425acfba4e70a167503b886df1016cbf1fa5f7f30274242c84d67be676eba34c1936cdae0ed6fdd3061f0e649cae817e53becfc42ab3b5fd2384e1891c9257b3d11059666c86559b369df506728c3fcf55e9fffd7c83dc84a4e5e15fc2f56e1190e6458c3c188a94be84cc1b671feb4993042b8946d6e6b4b854b087d3decef75ba06e3841a761cba6c1d0e180441c1b6a06aad92ce05b692172e87b8f9c2fa9ce958f4863a4ece5c173afb413779406e1b0f43bda0afce519bc6aed579136a0999a50ff0a2357ae27d6d1cf67c1d9be3b88777dc55506f1c80bf25295154ee28794fd1df7e4f6adb1e944878a05252aeeda96364ebeb7bd61ab1cb988a4d208e4adda8210aa05136ce095af55d8a2a169c030120c5121241a9cc70831d26813c1be6539808df8d1594274522d586c7d8e43a9cd6cdea1fcda548d781b8b3abd8adf818c5c656265e825c5d5474971c1fcfb29018aa0c377e3cec303e14dfd7d5be606cd4bab9f14491554cbb52523469fd90fc9632b423f7c92df1daf578d8f8797f3edd0f9937234df72b4fb9034357aa47f330d873a324a908a9986ebf10b26f8fb2e5a0099cb4cae2b255d23940bcdd30f37bb25a796a39f555d3682df71841813cfd2b99b33372a4838b414e0f8e4d37985501bdf8fa9f1e2b4fd7769210eb52b8f1d8c6a597b1b167174dc72875656a2e1fda3f28cdda85c11a7961843789569007d3ec45d4c9b913748a5222fe14fd4b9f547939fe8be8c9e7855c0dc3cdb1cb0cb112164e0266fb0506847b5863ec6896c68ed841b9f41656c4158c6104a693b406394046822a54a08cae015dd7adbc3d88188f910510ab09e7d96b31bcbb578712c0813b26b3cb5044d0c1d2353da094270d824eac5fccbb658713d7d6d881e9f60fe485e8bf67ccc30d5e14e575c1da086f6b7f615698f4653430646d30becb9622370d03f97fd26c5ba47f425f578b136853eb12d0ded1acc3425f112604c5046b9661a70babc7c22cb7375b0a25aa6b96d5387e7b11c17830b3b99520bbb2db2e786507ad262f91a92d427b88e587079f68ccc6396a50da486401ce69e0585e988b3ff8d5c70893b9cf9f36dd0430a7924de19b788e9c87f46bbca314fdedd4cf6bb75ba8df35f5213fc64b458e106d102ea6fd37804c59e4bcf4a835bbe6e63159f6e6027cb6b926c46a1a680b8faf720f6af85dc2defdad3c5c3b7fcec6ddd95f4daa5005f89401e00734bddc1c9935023b079746e876c60cedb888d5a973a4231665e172a2423d6ff81273bf4fc415dd99dec03110706ee60c0cfe4b98203ebdfdcbcebb0d8b8143f016fd4968d7dda073f9443784a2343162efaf34123514bce5305f9c2133e13d4fe01dcc377928536f8fa8e69130ab2530b699d72543a2ca133fa9badad4bb985e01886184268e53116db13584dea25b8cc23e7e8580a45433af788f4c9a1af53142c1d5a2a2d7f2c5354ea93f268ad2112063da3fca6ad5b0862ef3dfda9782a8e43b6a0fabddba0ac576f8b6bc97322b19044766e702b7d058644ede13825a125ec64596160eff347cb72ce6283d5e4db0aa7fef7bf556d9141bd24d3110ab4159871f134017c7eb3674479b5491d5bdb90fca8d3eaf73149202ac4d7cf21e70da212f9c284bf5dd0a7c3836b7ce9e64aeb627b589146c6fb42370cdce81ccbdb9c92bc3b0afdfc30e66d892e6f6b300ab7e745c295908d737c4947c55741666a080335b1fc75359450d0b01a847c9141871f7c2475dbe4c1ef765a9ae9ec00aa67873ef94bf122b79c8ae200f052ff59eb053f7b65d8b571add8391e083219ddc19b991fdd48f67147e5a3c0fdc6a16674786da0e4939a9c0e1067b6bedc22d1b460e35c6afa3442ba7f06c109e4117d9afee452e1432c1a7eba68a5fd9d9bdb3fe8b4ef65fcf7e19b2c529167794287c4f2ea42ea14ee81a43bfb09fe7cc852ac4db2771b9d6e241a2a85a419cdd4e564764e3e2abcf238405ba4ccc945820f3372027ad5d46704c224f063229e6c6a6960805cd8242ebef7732e16d7c38a8ccba45c737887f64cd77026e7afaee083d8880099d0ffd8a23146f6ca4d6fde7ce879b1d913b84007e7ead1b426261ceef7639a70f32ddb93ab7af4d3f084feb87d7c1cbe824e78d0c5007e61884aacd08e210942e52acddfa24d639a1530546f2d8192bc566c184ab426235d611f6014d102bfea6aac9cfb6b09f8e2d4d2c5a24237efff261b8b942b77", 0x1000, 0xfb}, {&(0x7f00000017c0)="1d880c2d2fde682c527a8ec42a03b3404c38135a072ed70853cbb56abec32840be35a837ef6a8ff5f341ba8d6fa51e1d17c21668426c382e64b61f8ecf8f4f4a582477a6d01357282e1c445c179c05710b1acb6949a7ccc66d3fecf61254aae072a653d9ed48b0062889c4c458cfc2c2e14ccc6cf930c6d5b1ebbc9f9433c99b1bc9e5183709fc4338f164c378f4c9bc01164eb23fe6aafc3fe8a84a6e78914c9cd044026131acc1a1d60d34bf00f1261f2f51fe", 0xb4, 0xffffffff}], 0xc47fe2f92c88d373, &(0x7f0000001a40)={[{@localflocks='localflocks'}, {@meta='meta'}, {@errors_withdraw='errors=withdraw'}, {@hostdata={'hostdata', 0x3d, '/dev/kvm\x00'}}, {@statfs_percent={'statfs_percent', 0x3d, 0x3}}, {@quota_on='quota=on'}], [{@seclabel='seclabel'}, {@fsname={'fsname', 0x3d, '\\'}}, {@subj_type={'subj_type'}}, {@appraise='appraise'}, {@uid_lt={'uid<', r4}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}, {@dont_measure='dont_measure'}, {@uid_eq={'uid', 0x3d, r5}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@audit='audit'}]})
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000001c0)={0x9f0000, 0x6, 0x400, r3, 0x0, &(0x7f0000000180)={0xa00903, 0xb6, [], @p_u32=&(0x7f0000000140)=0x8001}})
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae8a, &(0x7f0000000080))

23:32:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040)='nbd\x00')
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r4, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040010}, 0x35ebfc50ec2ec593)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x80045440, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x57, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

[  806.153744] FAT-fs (loop3): Unrecognized mount option "fsuuid=50Þ" or missing value
23:32:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x80086601, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 1:
syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x2, 0x202)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0xc70995dc7f0df6cc, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x42000, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x3, 0x2, 0x20, 0x70bd25, 0x25dfdbfd, {0x5, 0x0, 0x3}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x40)

23:32:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\n\x00\x00\x00\x00\x00\x00'])

23:32:27 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:27 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$KDDISABIO(r0, 0x4b37)
syz_open_dev$tty20(0xc, 0x4, 0x0)

23:32:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x59, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x80087601, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x5c900, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f00000000c0)={0xaa4b1dc2a1bc09db, 0x5, 0xffff, r7, 0x0, &(0x7f0000000040)={0x9b090c, 0x81, [], @p_u8=&(0x7f0000000100)=0xfd}})

23:32:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
get_mempolicy(&(0x7f00000000c0), &(0x7f0000000100), 0x800, &(0x7f0000ff9000/0x4000)=nil, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440)='l2tp\x00')
sendmsg$L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20100808}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x8, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4050850}, 0x6a800)
sendmsg$L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x24000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, r4, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd3}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000011)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x8992, 0x9c})

23:32:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xc0045878, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:27 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x40300, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@ipmr_delroute={0x2c, 0x19, 0x200, 0x20009, 0x25dfdbff, {0x80, 0x0, 0x80, 0x8, 0x0, 0x1, 0xc8, 0xb, 0x2200}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4005001}, 0x4)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000040)=0x7fff, &(0x7f0000000080)=0x2)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000540)=<r4=>0x0)
syz_mount_image$reiserfs(&(0x7f0000000240)='reiserfs\x00', &(0x7f0000000280)='./file0\x00', 0x8001, 0x4, &(0x7f00000004c0)=[{&(0x7f00000002c0)="d36a257f6461b9086d96a55df59ce933f7f03ec43777", 0x16, 0x80000000}, {&(0x7f0000000300)="547b07794597803d00c88588a26731c132e7ae81e7fa84c206fd33ce72df16156542a745c7b104295edf7bb4bbdc8155e5e8ca4792dbddbe518fa6b4ee116f0d904c0a54fc891144954bfa81fd39b28943ae499920", 0x55, 0x3}, {&(0x7f0000000380), 0x0, 0x4}, {&(0x7f00000003c0)="2b1c9c9dccd82cabdd2c27e00a283866fdf61bd23542f0481fab64d1638f0a2ece6f7867fafdb8c8323c2129c3a92f0db35577d3b4718cd3fa7f15387a18767e8af79340c425d65d3ecf6396b7f6691e26e5ee2a30f905be5da9d8f51c3b72d722e90cc4474873c81886495772f488a0b3417d39de380b05764eaa9e852f8e1d9feef5eac9dd2e7cf057ffcff35f1944e35c5947d65822db54390910fddb05db4879513b2310fd35dfb8aebe3d60d7db901f186824143bb7847270fcd49b55afcd5ccb6725152ba04113134985f508755d5852eb14843fae56c36244c1bbbfb49a5989ccf1438bbb702da6fe16798b1e95ec2ce8f498e18d0b96171d21", 0xfd, 0x3fffffff8}], 0x2000000, &(0x7f0000000580)={[{@tails_small='tails=small'}, {@hash_tea='hash=tea'}, {@jdev={'jdev', 0x3d, './file0'}}, {@jqfmt_vfsold='jqfmt=vfsold'}], [{@smackfshat={'smackfshat', 0x3d, '/dev/sequencer\x00'}}, {@seclabel='seclabel'}, {@fowner_eq={'fowner', 0x3d, r4}}, {@subj_user={'subj_user', 0x3d, '/dev/sequencer\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/sequencer\x00'}}]})
write$P9_RWSTAT(r1, &(0x7f0000000200)={0x7, 0x7f, 0x1}, 0x7)
ioctl$TCFLSH(r0, 0x540b, 0xffffffffffffffff)

23:32:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xc0045878, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = openat$cgroup_ro(r3, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
write$ppp(r4, &(0x7f00000000c0)="96c71bb7d51ed2266ac39cd87817af2ece24e61fafd19bab8675b1d412125ac53c8d16dfd36228da4d6665c9f8a6abb7ce4045fbea65151ee8218cff6bceb7c9ba533dc896bd6d7b3e0e99a058771f5fed6d1e543fc6d7ab9a6eaa0adfe8c2f0ca8c743baaded7e4eec89fb9e08fab9e02fd0af1316ce3422d6309287ce6d9870e5d0379a5850a1958e4d2dfaabfdbe6394c17fb51639986589e47c9be1d56b04743dc319f3d3310d75d18309d2960581cc05ca633aa", 0xb6)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="3f151ac75a36a02a"])

[  807.012263] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option "hash=tea"
23:32:28 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xc0189436, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 1:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x20000, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000040)={0x2, 0x70, 0x7f, 0x4, 0x3, 0x6, 0x0, 0x5, 0x2000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x246b, 0x5, @perf_config_ext={0x7, 0x400}, 0x10c0, 0x6, 0x4, 0x0, 0x3, 0x7, 0x9})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r1, 0x540b, 0x2)

23:32:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000140)=ANY=[@ANYBLOB="0000000000000000399629ba9bb1dc69241bff9dd03d49d4a0bea7c2cc4f6b28fc9863be9552cc1d632cba8370664ffdf09ba8fbb5cd9c489b52a00675800a475ff115c5fa701655edbad72c4e802c5836ff879c2724248d9d82dd9b76b0c850a0f4b5e430460be0b508aba4849afd0e6258cd3a587dd8089726831ef25b9486cd841a9136"])

23:32:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="2308100000000000"])
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000040)={0x9d0000, 0x8001, 0x80000000, <r4=>0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x990afd, 0x8, [], @p_u8=&(0x7f00000001c0)=0x51}})
ioctl$BLKROSET(r4, 0x125d, &(0x7f00000000c0)=0x5)
fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x3)

23:32:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0xc020660b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80e00, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000040)={{0x4, 0x1, 0x7, 0x9, 'syz0\x00', 0x200}, 0x0, [0x7f, 0x270, 0xffffffffffff87ca, 0x9, 0x3, 0x8, 0x2, 0x1, 0x6, 0x6, 0x7, 0x9, 0x8, 0xffffffffffffff4a, 0x408, 0x3, 0x20, 0x7, 0x6, 0x0, 0x4, 0x800, 0x4, 0x400, 0x6, 0x3, 0x4abd, 0x0, 0xfffffffffffffff9, 0x100000001, 0x7, 0x8001, 0x101, 0x0, 0x1000, 0x2000003f, 0x4, 0x6, 0x20, 0xfff, 0x2, 0x7, 0x9, 0x7ff, 0x0, 0x1, 0x5, 0x100, 0x8000, 0x2, 0x0, 0x78f, 0xa5c0, 0x7, 0x2000005, 0x7, 0x8, 0x0, 0x4, 0x5, 0x4, 0x6, 0x90dd, 0x100000001, 0x2, 0x3843d31e, 0x986, 0x7fffffff, 0x2f, 0x1, 0x0, 0x800000000000001, 0x10000, 0x40, 0xafb1, 0x1ff, 0x650, 0x10001, 0x4, 0x3, 0x1, 0x0, 0x4, 0x101, 0x200, 0x3, 0x1, 0x7, 0xffffffffffff8001, 0x9, 0xfffffffffffffff9, 0x27, 0x1, 0x4000000000, 0x7, 0x8, 0x10001, 0x3, 0x33b, 0x3282, 0x4, 0x5, 0x3a26, 0x5, 0x2, 0x7, 0x6, 0x1, 0x9, 0xfadd, 0x7ff, 0x93d, 0x1, 0xfffffffffffffffd, 0x8, 0xfff, 0x1000, 0x5, 0x80000001, 0x3c8f, 0x23, 0xfffffffffffffdfd, 0x54, 0x2, 0x1, 0x197, 0x1, 0x3]})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r0)
syz_open_dev$video4linux(&(0x7f0000000580)='/dev/v4l-subdev#\x00', 0x8001, 0x8000)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r2, 0x800455d1, &(0x7f0000000540))

23:32:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)=<r2=>0x0)
ptrace$peeksig(0x4209, r2, &(0x7f00000000c0)={0xc, 0x0, 0xc}, &(0x7f0000000740)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080))

23:32:28 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r1, 0x8983, &(0x7f0000000180)={0x7, 'ip6_vti0\x00', {0xe1}, 0x20})
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000040)={0x1, 0x5, 0xfffffffe, 0x5, [], [], [], 0x0, 0x5, 0x52c, 0x1, "38151b43f12b1661903d69d316f0bcbf"})

23:32:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})

[  807.665776] kauditd_printk_skb: 7 callbacks suppressed
[  807.665795] audit: type=1804 audit(1578871948.767:2940): pid=14398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1273/bus" dev="sda1" ino=16831 res=1
[  807.785094] audit: type=1800 audit(1578871948.837:2941): pid=14398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16831 res=0
23:32:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f0000000000))
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000240)={0x2, 0x1, &(0x7f0000000040)=""/33, &(0x7f00000000c0)=""/74, &(0x7f0000000140)=""/167, 0x6000})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

23:32:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000040000"])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
sendmsg$IPSET_CMD_SWAP(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10008}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x78, 0x6, 0x6, 0x800, 0x70bd29, 0x25dfdbfb, {0xd9b774e1c6b2e993, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x28000}, 0x40081)

23:32:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e9", 0x18}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:29 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, {0x8, 0xfffffffc, 0x7, 0x3}})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001140)='/dev/dlm_plock\x00', 0x105600, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d05, &(0x7f0000001180))
socket$netlink(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = gettid()
ptrace$setopts(0x4206, r8, 0x0, 0x0)
tkill(r8, 0x20)
ptrace$getregs(0x1d, r8, 0x80000000, &(0x7f0000001080)=""/137)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000001040)={0x2, 0x0, 0x7, 0x0, 0x20001, 0x0})
ioctl$TIOCNXCL(r7, 0x540d)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r9, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONT(r9, 0x4b61, &(0x7f0000000040)="1186236e8e06184509a8259d30fd3c50664631c34f49610f6296feac9e350499323cbe4582fcee41b38617ffe772319abb6eaf55a739a9e8573d8efc42e9612fdd8895f2ddc278aefaa60d15eaf28aa1d4ef0c69671defd05804e36e9d12b2407516630fdbee84458905e951998d4b52681f40f7ce76dd062d3bea50b0d0101bbd39e94122c43084d2b2f05b713bcd149bdbd09ae750e0d51f229b0721f15ac1347ee6677fb0e93c8560392e81d8f4aaf210eef891527ae22e0b535205315bec86a0ee42f95aad59eb996be7e5e09d82fb60f191fe44bad38940750a2b4304cc68d144ef4ceba4bb231eaeb6b15f9e75cb747b4a79fb51de559fdfe34b1de34d54382ed0459811783910aee353e11d426fcc85b38850c31b1640f6df72af0788649e5a2322583da10693cd6bc76681c467d145a52994f9a5386081e459998ec0079ccd25f8e782197c541154bc3c49c3f1de396f9e355c5a7452053c56a75db427515609f350da6a3766a520f3825590de6a179e44cb2290311cb909fcc79fb2be02b653248fbc10640ac05ae683489d503d97d42bc27fe9f9f72b55c259cb5d907e0f222f35b5b14d44a580cef78d75bed189779e20b4d99306fde8ad71d9668791e8fcfca1170f8e231fff910b5fa5a6cc581b61523e23203340f2182a00b5507b6caaca980366135b27ae2d1588f849ace6dc9f43ac523ba7ba334e25531de8069508df1e636e8c357ffb1109e5f911ee6f23dc87eddd240a94ae8b529ac1260813fc31d42122f935a0db7c04df435d6e119ab34ef548233b5064cac11dfad1a63b0685f9e673216a99073f3545f1b1bbd0a149e5f4d915dd164cce23475a49154cc875b67b660299f0363a92f8c3fb5815a652555f3c0035134455f81c87cc9caf9a9b330dd517491ca07b2d625b206e575d8cce77144ef307024347b32625e62f7597a470798f060d16474cfb9f4d9de8773f1f060eb630b343938137038b21e0656523653ddf7d589776f8c34186c789b673d9a7454b7974d0cfa1261cdf900d7ae092d710d6108eb22ee63f9c90211654faab6e2388af6349a088d7bc773014668d888032b275d53c0b43cf452ed7ff275b59009179df88852d6cf56c9a0030697e8ae0d8768ff1798e29d5962218991240eba7aa626f40cc1f81d04714a15d5e8657091967d1f102c36937e96e4cf1b402d6d83b12004de52423839a2ae08b15395b5e2eeac4c1692eeb65b627cfc8d51839d292a7f97962e5411b5c62557b38fe90f666d0cea1dbaad7bd83581242d92f94d94535982d763a0aee69f8ee9450440fe7f4695f47c33e8d0ba5045e56ceabf3ffe5cc954363bda50122f1a4a6dbc719893d755c51a6c6e811166da3c0253088b3975a9986545e15ab82443c1aad4630e90b500bd35a53173f77597664393d5f7cd0080165510cfa43d01aa043458ab05cbc682e2f31412dfd958e00a7b38641621339b05e83ade4a957d616d3fcc872698fb599de19908c119c38f21b92bbbcad000bb78209a48fdf25118fc264ab4351bb06891d6ee1a77919f4fb7dfca133a945c02105402716861fef0454d0d36644647192fc5eee0a1c94889903689d273883387e724cbcc8ad8bbe3bccfaa9395bccc848d4f666c58478cb74f02e87f3d919a121336b9cc8d18e2a9419c7d31508faafcf9f6dac80fca025c88fde3539e9fdd17fab15e685e854ba5026cc84265a027fbccb7df6b669fc7b074af93027568a7388a0a79fe270ddb31d3d5b593d5dcbe077390282c171ccf19b9aa77bbd4437ff570d17a1073e645d89ebfbdeaed80cd71517ac9e079a906d0217826490be13ed1b72c2b2793188b76f660dd6eb7f42919147d47b71262f1e60cd47d66fb7b4082969aebbb6a9f12c466cfb2593cd83119a69b1efe32b704627e4bd0f1967da6a69d2bdf7b864f04a09610b8522665cba965d1183f75cb4f7ef2baf2ad4f7be44f91729cae476b694b90281f27dffaf1329f80176915fcfa3584d0ce551e4be3c0814f377370d991929d27686910c40eb9323f6d4d4b140db1b491b9eab511afbfdb4c490301a2680b0dec9399468d3c192e9d9004c3c102483263f0557b902fbf81fb1bf1113cb52f63f488a268d265914634b7e5c66c9eff5f66cf0338393630eee740c712b69ba86ecdfb762b2ae97461a4ca4acac42c3b35796efdd93a5a11a78d552a0298b3414dedf9ceecd336f3ec238abc38f9e2b779596958a83d9db18e6a6e927f46b6c390d1377c07b07c0dc83bdc6fa2d0368907fa95ba164d58576ec76ab32b34610896d6e6d6cd5cf09999a14ebf54df3f1f1bce74de7369f0d18190bf62d4e33cbcbecf3229363ad582312a7b6dc80afa9b04bbe3ea07e0b6695339c9055b6705f66bdf850370ceb475977f59bf1510295972574aa30d6cd61f0d44b0d5bf3a0442feb1c81e310c2acf75ca2ceadc4a2c084197bf07217a05134dfa5a2add8fa4bf17dcf796124814ad0ef8677438ade404225c73c63402f478c80001350eb915d08bdc981f82d3362037b9bf4081150314a642119a05f832d435c01d18d016793ea80dcbd4ae012626d986f8bbb9ca5937f0d0e06f27840bc10e5611b1ba142bb69d2eed4f3556351141a69675bf3e50706e089d1bcf87a5ecdf425c4045e8b8c538c5e5833ad3ceb9c238b7d45c32149280cd1fe2c7fc3eb7b5c4d8d1c7d056257ff93d3cc29c73054ec957c1c5d6d939812c263d9486cd6c1d1cd5e5fceacf515ac71520c248fa6d0462280bcc5fd974323cc12b81277541a176eaeffe29b0bf7a3ab96108d9163bf0257426a10eb9070df15f079a154bcc42127864464595bc2060cf9ef222aca4a355536017d7b5399fd63205e1f608a5ec366bd85dda40713b9ac5849a32bc36b8354d4c491c6aca6245b75d213293017c70ccb0e2e92010f149eb681732115171c5c4d0d9d26eab9298534774cdb0b811f57819e87ee9cd3c798359419d154205b64be81e49138b2d5c3215887b9713f8826da93c4ae6bf3e698eb836a8fc1791999d27146213fe3ea7c3bebd94f576372752ba7d1f8352707a9bfcb60ef01adb407111cbba97cf7ee951d57a605df17fbd6bc7088c9a6a0ab8a82dee108495a7f97c88c63363d74bf0713b7e1a9069246f1553302d58605b19139e8871b10ef2e0263fcf2d38dc8dff093cdaf9aa97dcaf884919ddbb67c6401a95426f977ce6cd70407f30d0aa78145ac77fb89c0fde6c6aaed72dde211914e9a2d4967ba01545f580f87723c2d8763dc2f16051c97b690afc865d6f598c3a63f8595c0208dba95b98fb1ee171b8b0411cd21c555f4bcbf0a2508e8176888a3e758f896abfb07969b0b7dc731c19a04fb75c3605dd4216fb5a912429af67c57bb4f8be9bdedda7d2fece3f6f9d015ff384b0698d21d7aeb26d4d8da0bbfc0a8c61bfe3bbdefd3fe31c74c647743360d9b380c1cffe70fcf23b25e77134fe6c38973baf71afa806331b0568fd087297d477b5940d63d80449c2617f08acad2173bc0f3cc46291dc43718554cfd93d6afbdb9ab73966d3cbb1fe101552b8d5bb3bcbd94e0ef96124715e2fe3174c83fc7dbf2c1fdbb499cca37d2b3e823b618d351d107a15a071f678370ea0a2006dda407ada49d82d170025e3aaa936adfd81e736ac07ac51feef9fbc0b3f546d5aeb420e0d9518442b441da1de90db11d2784f433f8ec108b49f3c188a15c8115cca90107b983f56f61c51c79b084daea6ef24d9fa186cce029f533466fbfe8be51f12ace79bc0184f9a58b5d7ee4060d6fcb80ac6d1bafef7ac7f9c3fbc3933545f41f13f70abddc47549db8b6e8373fdb6ca2b509613c5b4ccd5107439729e812081b102d2c37a3205bf6f65ec282b71f1500b10b1ab9f0d752b5e34857d475460e0314104a30b89f486c08118a74053c967b1da8ad204a744ed7da8b7d4d1a22790a63c274f7ea6cceb79daca4d12053c2a6bdfb0a573be165569a08f05de2be2b8a337a0d33a1f9759a8646710fd297178c8ec8b58db0d4d4fe510d385c49d06beb230469f78f17738b989b6a72abd7580846da5120f019b848ce2bf3b43263d4fbefbcb8e9f751f4e13365836d136466d74a6e738449ceb9d5a4ebecb1624d4b2164a5be1e8371d9be991c6558ac659177bf8f9a49bb1ab2353d4c96ff91118198a272c3106caf84ed02ac122b1cd82d4c18aaa305c573e25f1a80e7aad143d7e1651567365eca01766449dd8da63fce58a7faea1912204f47d9ed579297b65861064add3834dcfd278dbd5416941d0d2a0250cd3903b6d010b86c88ceaa13d8ce873aa895301a980036529ecd33deabecc45bdc6e784d9e7e0d2c7d2cfb9d9a3d00fdd148d77f7d8b6e8a92ba30fafaec7d00c0365165308ef0d24405e58255d038025f22c96cf4b500a739c5b8fc8d288003f3ff09d62d568ac91033b172b34aca44969abdbb518afbb74eaacd06b4a5039016bf095ed464cc3d86894bb86b147ce8f045f54b2df37f3756cc8980c1b5e1de6add0d7c6c99728f633a06608571511113dcfdfdf5d01f4afeb4271506b4918e824e5a5f700d8e5e2e28f7c6da34069b9f12678b8f5b0f9e5bd118c4917683ece2485f53fe47e523329cdf986a9dd163fb6f12b8acadc6bef36402623605cf22f9cdb2fcd5c02251508a5c883c20210c0daa80585388c6a1a4c8a916b58dd8e87704e1fd6b9f44ce7c87df3cfabc1af0937f8fd34495ddcfae344b119d4c481bb7c21f2a3560d4c55e07013efd0ffdc83079d599d1389f7a4649427cfd7378e522aa971844cf417ef454e73106f0eaf5fbde6cd88eca022f9b308673197046d59bd17b2211ec93ec153069f991e72010c4b7b87ef95aaa3d4c58216244fadc3175a11ac94a7f01b7949f9df56ce4ba4bd6faf581080535dc010e125e69cc4ca23204f5b645c4fb13fe3117fc11f57149777aa04e41a37212cc428c5e9d24a37920e9e021603347fc4fbd1e64e6f51b420b65b9391297644b7bde01700f292c6bacb78ac5eee9fa5cbe857683fbd8789233667c37e9d86d347c6c6389d555cbc412d31d63b76e08ae4b760c80f81ba33f1ed5cee374d0e9225b22c6ae94a1b60409a59fdf1b1e82346246eaa473a4962653ec9e1d51c31d29dcf3250e69ff5fca013430a6aa8aa52849f05c1a4a85ad217a52c42f187b21df4b2833931ecb4bc764742c0a569cf77f5b97cd21b1196e181d7351f9ae807726a7452b63e60fe7e147151de90ce92dee4332da76327cfc3b543f0d0e7f4a263b7d4c9b2a1eede7ae4be0d122d792cf450fb281c5a93310e33cefbf4740417c49bdcb37cba11586880981d875b30de0f89b17faf772190d94bf15340e15e06b9dc9d93ee019c8d4862018e126d28426c785823f86e2603b3f47aab480950d33f911e59a7c388c66fbe08dc5ec4478379b5d74333dbedbf06ad77a5eadbfc70c6380643a9df77c0885877e29cd2b5af41bbe3aba304b6505b2731c5e4b8de2dc759965a820a942c790f406e874de74146eb3397b622f8b0c6d75828c842e712b4af0f30711a8236d25255c5030cf5d499d662a642d5038bcde46f34870a0336ba6b3a6a86b6df93426da3d9e86598345d52ea8842872e3d7185b1dafef21ac63733785aed7eaab621fe5ec5752ddc0c81a90647ea21b09e2e38cb7b85fedd9c16b7596269a36ef08acb4b812d033d42d917a27c5c9b2c2254b40c100d1d05e4b2d51bd7a3ff24f4b8236d9df7f8d1798003d66cfabc4d313ab801599e92c086128d6")

23:32:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x2, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x5f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000052334a109bacdc57a3e14b3de5ce26f1a462dbff6bf0d679cc18a11774fe5ed1f6f97b47aa497574344ec078a2c308ff1e09333a987d6122a7637d6efa2ff821d20eba39616d89fb5ecd6a405344760814e387709435da8c7384ad01688b5e9eff82c8d311947bf7049400b6477945fb32cbe467e514ab081691e1f42cc256d6dbd2e6db6fe256f4a5cca14212915c37629dbc"])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x7d6674d4, 0x3310823b3c1723c1)
write$UHID_CREATE2(r4, &(0x7f0000000280)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0xf9, 0x2, 0x5a, 0x5, 0x6, 0x5, "566a78e09d27cddae0f166a0e488e88ccb1b7082569fd0da785857efd4f13d7490732d4482ca898ee687b7817fdddd7e7e65aadb87ddcc290c8b73eb3b5dee21367b215e2503ce62084c0cd60f56d7e53e00a7141a269c6265d9db9169f41061d93187065601d77624518b294fd0a398f917d59329b69094e844e8db12c022c3e5bfefe53a0dd91125419efea6f6249654d7dd5ea1d361d82673b51b16a2e7a70b07b10cc11385d7f6cc515464e4de7297fd2db8c2fc935d2b4c09158b550baa5d4047bb98851377d22eaecb860e6aa3916980ebd2f40a6ab45abfa2a16be3d46782361ad94cad82740617c25f9eaa1fd4fdc86425a6d6aad9"}}, 0x211)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
sendmsg$IPSET_CMD_SAVE(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400410}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, 0x8, 0x6, 0x10, 0x70bd2c, 0x25dfdbfd, {0x9, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x5f7e1b584f604e6b)

[  808.216382] audit: type=1804 audit(1578871949.337:2942): pid=14443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1274/bus" dev="sda1" ino=16893 res=1
23:32:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = dup2(r4, r2)
setsockopt$RDS_GET_MR(r5, 0x114, 0x2, &(0x7f0000000040)={{&(0x7f0000000240)=""/4096, 0x1000}, &(0x7f0000000000), 0x8}, 0x20)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000a52281f38618232b159ac2dd4b36bbb6d83c078a27d0ff8cf18a35540686cd9299fc3e3606feb8000021fced0f18ff71801ec99092db4900f89f7a33e7138cda7b2276105673be96edef715e405d8bc6dcf7b40658571d042178814da33974a73d05b6ca800e0e0cad021273f98b6bde341fe1b2d8193adf5288bf492baf292cbc635191e6b8e5a8fec131f2c56938a9642361f791e970"])

23:32:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x111400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:29 executing program 1:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x100000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r2, 0x6430)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000040)={<r6=>r5, 0xef, "554dd2b15b36124688328b06808acbd8385f14d15231e0405869e4b75c5d3e5d98bd9df6891a10ab9c35fa6a325aa325fea46c04b99dc04a63e5a1d0e3ef64d3fc0f4d62454001f3615137998988c907a9e3b0e0ed06b80d8fb381c6e156a7c2a816bb25a970987fc3145536714c556ee29dbbc8f864f114d465c6c3481cd20cad85d38eb509d335d5e345b08452820fa280eaaebbc2a9231f5a71f037a9f405c88b2ce7cd7db36a00d32cc353cc5dbcf78c3c0c667e0ffd864995d04734b1fcf4d62927dd4b1bf10925dc495cf60a119cb0fd9f78fb6ed284767460c9fc69cf0d057142c60843b3e1a5a3f0ab7767"}, &(0x7f0000000140)=0xf7)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r6, 0x1}, &(0x7f00000001c0)=0x8)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r7, 0x540b, 0x2)
r8 = syz_open_dev$audion(&(0x7f0000000200)='/dev/audio#\x00', 0x8001, 0x2201)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000240)=[@in6={0xa, 0x4e22, 0x2, @empty, 0x81}, @in6={0xa, 0x4e22, 0x8001, @mcast2, 0x9}, @in6={0xa, 0x4e21, 0x7f, @empty}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e23, 0x9, @ipv4={[], [], @remote}, 0xbe2}], 0x80)

23:32:29 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e9", 0x18}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  808.270372] audit: type=1800 audit(1578871949.347:2943): pid=14443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16893 res=0
23:32:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x1000000, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x60, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:29 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000000)=0x56)

23:32:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x2000000, 0x0, 0x0, 0x0, 0x0})

[  808.702335] audit: type=1804 audit(1578871949.817:2944): pid=14485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1275/bus" dev="sda1" ino=16929 res=1
23:32:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x61, 0x0, 0x0, 0x0, 0x0, 0x0})

[  808.815280] audit: type=1800 audit(1578871949.867:2945): pid=14485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16929 res=0
23:32:30 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x6, 0x5})

23:32:30 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x28010800}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="580100000a0600022cbd7000fcdbdf250a0000010900020073797a30000000000500010007000000540008800c2e000000100007800900120073797a32000000001800078014001700626f6e645f736c6176655f30000000001c0007801800028014000240ff020000000000000000000000400001050001000700000008000940000003353400088018000780140017006970766c616e30000000276f1e2a7e185910241e9bdb0000000000000c00078005000300040000000c00078006001d400002000030000880100007800900130073797a3100000000100007800c00018008000140ac1e00010c00078008001c400000000114000880100007800c001840000000000000000454000780060004404e20000018001480140002404da065e509bb8bfacf6f1a620be3e28530001a0076626f786e657430656d30656d316574683176626f786e65743027246367726f75706c6f70896f"], 0x158}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB="04000000c6b0e8b6"])
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00')
sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, r9, 0x405, 0x0, 0x0, {0x7e}}, 0x14}}, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r12 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r12}}]})
r13 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r13}}]})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000004c0)={{{@in6=@mcast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@local}, 0x0, @in=@local}}, &(0x7f00000005c0)=0xe8)
stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
r16 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r16}}]})
r17 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r17}}]})
r18 = getuid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r19=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r19, 0xee00, 0xee01])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r20=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r20, 0xee00, 0xee01])
getgroups(0x5, &(0x7f00000006c0)=[r19, 0xee00, 0xffffffffffffffff, <r21=>0xee01, r20])
fstat(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r23=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r23, 0xee00, 0xee01])
lstat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r24=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r25=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r25, 0xee00, 0xee01])
getresgid(&(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)=<r26=>0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r27=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r27, 0xee00, 0xee01])
fsetxattr$system_posix_acl(r11, &(0x7f0000000480)='system.posix_acl_access\x00', &(0x7f0000000900)={{}, {0x1, 0x2}, [{0x2, 0x2, r12}, {0x2, 0x4, r13}, {0x2, 0x0, r14}, {0x2, 0x4, r15}, {0x2, 0x0, r16}, {0x2, 0x7, r17}, {0x2, 0x2, r18}], {0x4, 0x7875590acf091820}, [{0x8, 0x1, r21}, {0x8, 0x0, r22}, {0x8, 0x1, 0xee01}, {0x8, 0x1, r23}, {0x8, 0x9e5c7b5e1f615412, r24}, {0x8, 0x2, r25}, {0x8, 0x7, r26}, {0x8, 0xb, r27}]}, 0x9c, 0x2)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r7, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)={0x54, r9, 0x0, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_SCAN_SSIDS={0x40, 0x2d, [{0xc, 0x0, [0x8, 0x17, 0xc, 0x8, 0x15, 0x12, 0xf, 0x13]}, {0xa, 0x0, [0xd, 0x18, 0xf, 0x1c, 0x19, 0x14]}, {0xd, 0x0, [0x1b, 0x4, 0x16, 0x1e, 0x8, 0xc, 0x20, 0x0, 0x1]}, {0x5, 0x0, [0x7]}, {0x9, 0x0, [0xc, 0x16, 0xc, 0x17, 0x13]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40c4094}, 0x40000)
ioctl$KVM_SET_CPUID(r6, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000100)={0x3, 0xa, 0x4, 0x0, 0x0, {0x0, 0x7530}, {0x7, 0x335ba5902da1f17c, 0x0, 0x7f, 0x4, 0x7, "73868553"}, 0x1ff, 0x1, @userptr=0x6, 0x3, 0x0, <r28=>r6})
ioctl$KDFONTOP_GET(r28, 0x4b72, 0x0)

23:32:30 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f00000025c0)={0x8, {0x0, 0x4, 0x1, 0x800}, {0x5, 0xc35, 0x800, 0x5}, {0x5}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000003680)={'broute\x00', 0x0, 0x3, 0x1000, [], 0x5, &(0x7f0000002600)=[{}, {}, {}, {}, {}], &(0x7f0000002680)=""/4096}, &(0x7f0000003700)=0x78)
lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
writev(r1, &(0x7f0000002540)=[{&(0x7f0000000100)="79cb6c2d3ceb607d477abddc19fc51ca690a96db9431501f3d23b55cf1c71a2ce2d3f1fa50f8b5f571ab8a435a97317a3829f03eff091b83d398d910d4309d3c1ec3c57a48dc0c7e9378f6269739425da9a8d565974ce0640a8194f32baf39de2b7d060d8d94962c6c9e1d56ad31ac47346b21627156dabe1b3047991b7d3dd235c13a0a3359255b2196582775d5d6cc1dc75f61aab2e80e935bc8f7fc49feb0b76864390ffac2bdd365f8d6bf57a602286fdf0d30f3768e18481f0643bb81ff5ca82592bf", 0xc5}, {&(0x7f00000002c0)="7e90515004a1d9aa5a9071949112f0ff4e1d9acf20d755616455da1dd5870bb8bac29b09f3cd0bbb1b21837a2b50222f69ef4ee2709f38f1572847e61bc00cb0f775cf22cb78b0e6fb54de881f08dc767203a58dfc95625dbb60f6e7998c0e9c50345d18a0b7bb9502a0521f4300210b59c004e7940134ede038a39a5dd850908b5b38dd1a40ba83726a13927ffd67ae96fc0bfb909fece17af7db6804c289ef0e2e2ad5f180019ee77cdc34b1e12abc14a79929c75180b07686cf334cfc328824", 0xc1}, {&(0x7f00000003c0)="0eb8af1739f2eeade673a1cb036062a1092833f8327e8cdea6420e34181b1eae8993d2a145b065a06538a6b8775b4b1fedcf8765c19dccc7145141e999de6367a2aaea9d7c303bf3710ee56acbdf2caca61ebdf4c5b03522048ac3", 0x5b}, {&(0x7f0000000440)="b0723f845d9ea33f76b346388de8d874ccc679b54973a4a24209d4ccd6c8dbdd1a29f4446570210f1686ce677ce77b1991959706681ca3cdbb2a4c0064fe71242005877b93d9180f99181b294ebd7b8429ff2ecacbe08e2c9dbf8f0fd14f81be1777051b8ade768fb3ec0267c6277050f89b18b205334edf97507de07aaf2954d825f8e16a55eb10d2709955e1c712c48b1b9c0bade372d9762c2d66d69c689eeaf4c1f9ccb8da66c5ce3d687f0520fd959a8babf5cedbfe6d368af2f13544f987fadb4c86dda007e4242a86a718b5ac0e495ec271fe1f4bbef235fc64125795b2f8509a17bcd0e3003d1eee0f5d19e1787ee4df7c205fb73a6e4c976906012307a1827deadbbb2511dfd4ec9857549598acbc3d341507077985ae09f5604dd14a8b1e1fb771e283b073fd4a5aee10fae45ee57543c21846a1d62d3d28fb78cd69953771b0c2ac14614d3d3c00b31c0cf441dddcdcf72ff32c6ea026e10880168e1dcc3a86e70111a7c910b23e3b3fd0a187173d0de207bd75cfad0e17bd9c3f72c313c99900882d67b6585a57edb2cee2d5bb5b3f25b6e2f76cfca8f132fb70dc2cd357a1af83c4f9ba2c4f71305c6c857ff6f5e6acf17d0022a78ef80b6059dab0db452f6838ee91ed34f2a1883150f51799c82e00d57c6fe9e6b475b547e08100ca5f60587afb806fd45fb978baf0bf794ad14b8d42a0164c3a507634e2e03c873794f6b5124e6420e2ed626c6764c511cab6751d5a4803b721e321b0727243213f8fdf79c56ca8dfbd54c16dbc99f0385ba585780fae4bc5c53f34f4cd73618608d012bff2533913e412a8f3dba47910b4f5667673e23665d80135cd53cd7e33c53b7b7f37a5a772a72d0fb97c4cdd08d216ad2a89441b7b95e77a191859fa96cb7dad2ff11e44443629f593d62dd50aca7ce53dcd4358b3b7bd59c811d3d469504e3458344ffb13954a666db624700bf69e372fdc218488c9fd9ff3ef73e48a9a80d45d3ba469038a6db5685b59f4f363e1797e47d03e0fcdaea1cadd0a75eef9031d1a10a8ec093ec87b887ad3fb1d0b7843d232f127aed6abfc2117a5e58073168a25f3076f54b5b9569731787bc7332d63d1b48085ef13d422a766ee5ea05e509316243e6c2e3ec8fbd75d81bca2e4b18dfec5845edddb226719036e9241d37262565b0fec69b4d49c4dd545f2466585f072762dc286aa4d19a917e246fc8d9fd0219b84c10b5271588962eb793a70f9508287b02a557c9c8e5d8bc7d7fb278a8890ae3ab819c6f0d58b14fcb8df0b0e3fc67593f471815f246e6140c30d7b7b3e92512e9196f0b87075d40514b1462c46634b61be9b397653e68444423d457d85394083eb943b0738dec491fbfcc8a862dc1ab1731612a22a51a8ce1d08bcfde101acaf87976a249b5499bfdf30493928d4fc0814e9b230fa77f957ffcf75ad27c7972bab54fd48db588e9c24db7659c37ba2f42a16e2adc4b7f10c28560d62959cc0466db9e1b45c54f75c06f7688c516993942853e3b37e43b7de818601450a07f946f3333d959b2109c2e8dc121effa5f6725c26ba2b087f2e11cd2adb5c3b03c0db4da4730dba800ddcf411b203bc2b6a9e3ce3ee7422cbfba60db9c94f7316ef308fe8a93d094af67bff32a1ad02973ff9ff7d58fae4a3fe7682c0b01ece311aafa6d8842953ff12da507702e1f2b274889469972685c4425339d9ecc1ac7e08f3d465c94830cf32614c1453f3a80f7d5cff807bb5215038be27c67975d754fa5ff5aa400835017f7dd8e784a13aaf4504633e55c4edad276e282f7f7d915d24f81ca933189db19c6962f66dacdc03e81bb475519c3ccbcc7227bf5b4ab7fe200cf8b48397162010e5ff8c3786e0dd6cfe553b67827f3a5e6c4a00fa86a762117f9e661b5e3cf916b3fb8dfe44183cf921f4cade39b6b2c6ef435bf39c43f3ac65c611e010c23af7a9d900573e2eef8346ca617896b5216e6b7d52624519e169d6cd7aacea4b7f4cb748f26a574e389a4e0d6b0b10570cb888bdd2a504035ea62b63b351f448bae9f1bde746a090455edc3651269dd36ae259d7dd16d3038d363693e6dbf0afe8b0bc8ea9d33d44342e3348500157a5bc960a5d749edb8356493675c6715140364cf09e32d5b83b4de8eed0770965769641428a5463c3348bded79b53f7c639c2b33b1f6e5cc6e1ddbfe293552087fe21f5dea7a873f3e61d87d3b0f07d8a7b005cc86eef67be26d2af94220a56ade8beee2dedbb8919878c8cf396c05f03d619f93e9d9339235ba46b2669509615d635501582703a260bb068a475f212ba92454eeacab9b5b617e5e8d67ba8bfa4c7b3472000e662eddaee36f1ffab15d5ebac7d7563e6dfb3afac769129b02e2b2d035dce3e4a38745f487f8e814b00a63261cfa165cff0a4a9f9d103521ddf5a7377ccb61c994481a45120ac81aa5fe11de046d66a89e0d3fe6d2c7319825bfdbbaa8fbe7658f946533464be1cf28e0ba19c37963cff22a173c35049b3cdc056f53fadcfb14e51a4ea56fd8fc754a15d65897191ba8d365575a813724132797c8a7c15ec150c300944ead194485d9e5156308242f3fa9b1b03637a86542ca59edbb3bf838ee8643f132131a53e63128baf683cc715725dc3c8cd91ef32eb844db0fe87226d1d11cb81809c87d09d6933c6729fb20bf01d172af4cb1d19c78f4f855fb775a926046cb438f1e08bfe40d5c5d89946ac386d42ca47ed8c2c672e950f4a19c7755d6d8715c02c14f8450e6a2444b6595b3d8f50b1586974586084b759f85012fc596c3397565e9815322da1956b20a5b674d872712897eb0dfa4015028c4cc429cdcffab46844f9eec66ca67c0862d7b0e1af477fee8272292702e5185a25f468e10325001aefb4fd04c20910de316ab6f7efe2e9493233e1eef174c747e2486fd16039e2acdfa7591c2329653a39a495e84a753d731d19e44ab4430ded3be0b792d61f724c99ef4cc57de6d528a45eb664a0a08cfb10011c48c88922f0abc71b7835914fa7a42c4229b1be0f633aa790cae4f3a9406330dcf0246755bc50465b7fe30335b2c87b0d96520a50e127266511e42a3e64cc14ebe1ac2994b40587023551f4cf563b834c8c6a05ae0988b75bae81c82b80e695658e5ae59f745939ca95639b011afcdf666b1a17fca7e31acbb10f8419802dd941d4d7f555dc8b218c1861b360a719979623d02cc18001afaa09807ea62afa6ea91cf19aa9dad6a022e8560e90fe7c04bd2acd3547e8fb8ac45986ad1fd11d41d1dc5f3680dc944d04fb7893340af6b4dd40cf0f540e1e4dd150a45fa70f1ff929b419dfd4f4f8b0fd8f2f9ea9a2313a0b735655df458477dfda3349e2c3964dbd0d1c732683f756ac07088bf68a8ad756bda62e129481655451ceaa3a6319e55fbca63b3b254f4fb4c1d328dd7ad5ab8d7a417b98d8ff4441f69be667af381ca7b3352dbe0f65b60ec950f84c6f090b77fd6d5b91d07b1af960f91ac260456d6ed1d91b03352bf6d56c7a0248c708b732cec221573f276529e8ac8e8fcc3716a7f5bb9f76b41d8d40d01ec4bc0b60b8d881aa9ccdef233859f95b2bfa4e3346fec5b8e076db47760d1790963ed33ff2b3b88715de603432ddb1390766f972d56442e1272d97faf7e3308d1e047e6a3274ff7ef4a2a1824bc1dc6de9bcccf504ae1e56d29ca1d2481aa14a59c7ec080dbf965b96e836cca991acd7ae8c2c145a610e596fb0053aec59e3ff3463d17793527f172c5157edae4e9ceaf2d529bd6bc548316d76f5dcf137b58bb156190b730182e50c7675c9e538fe37119bfb93baf541be4f68d3b8b7d618160d33019e85e2259a0b55636e1c1aaf6addf35c71265440878f4b3c9896932ef149c1668d8897208fe87f3dddbcc1b95f2343abf8e4a7573517dea88582e40debe240574845adf9000b819edb829e25fb5c28881f4b9984aa3e50d376256eabee2a8135d180d268cb67e9ff92a3258fdfbb172568a4810e9d278a3899fec7414c3a2263d9d9417e5adecf11b1c6a9f3b4a69e3158ab074bf4d4d02dc20e63228fce91d6638c277f4a17529e517c519b1ff184c15ab12ab0300470bed7ee92e7bb67ad0830d2842f43a057ab90fe46e0911f0681134970b1b69809e6a5f2a9c7301efcccdd9bac9558867c9442ae41dc1433c0761234281b62ba006f25c675689ce0b4cd359f2d4c979e94ed4b98910a61f8d1ca4e5c93fe98c08e4dba1a24233b61677e33c7e3fa6e9923cda2ede861d82caddb4cec453e5ccb0dcf8d917e95e23d9d1857855fe9d2cdefdeecc6797ff453917974f0f8e227bf1be754e94cef1d47cc3294974906df3b0fccee6f8567c6b08bc7a34051ac84ce9d14f6680f9f9128831fdc9b724330f466b19ec3e674cfdc07597a80cffc1ed092ec9ef296c7b771b2feea302cb1e8c2c3f4651c07bf4e891cc51c6151e05fc1f39a145e93e1315ec4c3b30d69b1c50e65a4f1b4a0ccef226120de95146656713752a3732fd3fe959d70b48748efa658398c3167ce16b1eceaf2d08cb90367f4284edd5d4f8b35dc1fc884d1ca83b14af0cd18b6734c16280dc82797ae87bb47a3cedaa57c913ec5ca495ea0dcab2bea187cfb09b70e16108a25eaf90f1568e48f00bed9a274122f45b84f4d6f2b4ad240d7b5c68fb5a67e3931d24dc71e383ba1a895c2df8f8d285430ff571592ee7c2289036f99b7cc11a33d58e8d8d0962b78a863819e77b18816184f3b60e194030c7ad1b7216fc2d5d47b0484f2a85b0e9deb3482d1d25610334f9e277ad007a06f6e6f3d179124e0fad24a83b4d7f03996391ad3c7f5ead0bfed45efca1d4748c1863d3aed739d48842c67341c06d84f47ffa3b8f6ed0611863afa1f146e442583e9184d67e47a9cc6f51bbbd33dc37786fc9a958a5de543c24d7ef70b041aba9279cb2ef86f7cb99d7a7aae82fb882209c7bcaa9e2fb4c4313d9aacc6f22812f333cd20850db04446de92ce52924335d0bd6ea4d0e72c13dc68c0978f679ce479d1afffb5b7a8d3a658ed7868d1e54b42659e2a2e2b965b4b6ed000995fbccd28ec4126cd40885ff2a38c9255ae537ccadda42793d418348fd7043ce3476abaf91a954ce377a35e6363059579bcaca2d29a0b4f4c03ad60ed2c01636ec4754bec89b2ad02c625e889a83f9709a18f2287c457bc2c35d8f0138e69948a9413000584a9a03b8ea57597622e979b4eebe55db7ee4dda7f9c216861c7d9784cfb3e01e5c38a2dc5c90e6b00bbc91b323fd71221dcaf141e552c9bb025486dbc00866bec19a254d8e70108dfaed0d86ac60e54a7d85f1029cd407c5188e3604809eec7fa7c5c768e5215e50fd3af121d64606596a7fcf484a24eb5fb65dbbdf8eb7dc101253cbb82d31605adf57a9af75cc433562ffe8beb93c89b2a2ab7fb1a1cd5195a1c11774554a32373057f8755a6609b0291bdb80b0653a85043683e81986bf8c5e65b36aae5a3597ad114524b2cf9bab7f338c0f6a7e916b3b075c0c48fec7a87609b04f381e691c079c981a7ff17f3824c913d90ee7a1888ff552af71eb1ac8b33f073f9467c2d6c77426421c08ba868064817ed16bc8ee79d8e793051f85f2e6e0fbd9d54719c6ce6ba81d35b992a3568945c84d6fc5e0927369923d3ae45825ff34139ff4ffee634da205ef596c085c0e1973ea8a6ef4ece79ed1fb3879492e1c6d3ae72526de485a4ea399851ed6ab372497d9fd850df2fe71e5742e7497de40ee06e216843d1b63918816f71795b96af", 0x1000}, {&(0x7f0000001440)="966484a4017eb5b1ee3dfe85276e08a5314315d9acb3843c259dd505ba412b0986e1be1fcc71b0689a94682217ca68504d313b1f96fa81b66829666ab64262bdc20b1a12607cee30a5cb69b7a9ef69c94d41032b1947a510d15218b18fc79a4ecd5561c113283e74270335a81ad2c6f0e11da41b55037d74e88f50b3c7c58c2ed65332a95a89cfdbb9a53db4eabfbb4b7a1f947c174b26d324936b7dbb136afd429d9ecf547ef71f4722dde36b5b826c5fa59ea131d728455a739d3f8b28192913de687abf", 0xc5}, {&(0x7f0000001540)="fb1b6a25fb6f3db440091de66ac7d904103f82e0bc456fcfdab335bdfef1e6789936b0f5e038128c0ad90ca94a1a5d2f5509252df82d369bbd19691924f51907da5d93fdea8881a2cd7613557c6b44c30696155e96513b482282cbf93af4bc72031f19327c489341ee95b46e32e9d510cd313b65169b6cb605489717dc8ee6fe786a4ea326391679c36f0194ac58d8b263fcfa684395833265776cbb2733637b292c6e2a29d41b3d72405be04868cf9e0f2995f26025d8199932610c59d79ce96cae75ace971aa2f88502446fba6b5c99571997575e066a4622dd0093cdcdb134eabf30682ae95518e03166751fb7e0e13c96f6f21fb4afd84e8a4f3cb29f6daf2e6a68eb3856f96567f55abdfe02fbe076322b23ce985fa4327a6ac5f9a19d2643ead929d599ae16c4799ef3fd14c7fa3cf9e4551650e0fea140142426ded0c74d768196e322d859aa34e433a83ebb0c8601d7495293027911c458c439c1fcc579977db3144c38eb6060870e4738c0e606ed28c7cf9e86c92cec49b8c8a2cbc594b154a4585bcd5fad6fed0305dfe5778d401fe3dc7feacdd481302136109c7ef628222d64b3bb5757b51186eab708918ff31296b55dea11f315f2752f9d06932784cadbcc976264bd551f707db8e0512d3182cee4b2f6c3ba26385c3e9d65b95ff294265deaab3e66659e951e2ecad65665d83cd1dfd62a6f0c4298f8f6fa61248728942e7ec2b1a2804faf7489dde6943996e533fb345e98928b034aebbe96445180c72f834ff1ad7a3bef8856e3d65cfbc69a50856dd7e0a17ed6e37f193a280b20aa0d4d16eb588b6321a6bb3487f1216f442885b4063021d0db36de2e6cc328519e3d3dd7030af02af531ca12f0bd9793321a1149e41ebc40661cbeb25441163b3c58e86f3459f770fb6eab981c57f780e787c2079ef63f023c64965d9b50bd2ec86bf69cc23f09d906e5725105d05c0197312945d3740758b0d2b1e73a83231ad71ff97cd37d3a0921127099d9b6edd634829807c6ee2ec2e85edd9066f61773f6505c5f3db3c360fdd9c9b395890676dd8e9100f2b5321801db45e16d9d3918657e95a6fa201d10d925f2e7fd0a83ad3af1b01855d7b355ed193310a8cdfef82dffd6f3b960ed02357ea78515bfdbb8dedd89d972ceae1e09ad498bce859d63e173b59e4e1957268e9ec45045d12f0d305ebd15656597c815c1046a52e26a0c979b11eb2c0b9adfdeee32cea4aeee5c20269cd2098d75b624a6def066eb96c168dbc8280e6dbdb03d8ae4a8ef4e356b518d39e700847e1ba7da4f72e592e99e740a601ba1d3da72aa6b1f92d39d2806715b7e6fbe8687de12d8d247ca9d5e1f25e37a04a6440b159fe99397ee27bbfada75a6b299bfc6f2c1c3de462e8b0b923e805fe7a536db31c8c844452da715fb40664b2a23bef3f4971e7648b9cdbb23db8139e868b7d6b902c8d3d77150bfdfddb358b79a10229230662c961f71c55f69c26414d5aaf733c395f9944dea50bddce0f69aadef994930d2d460d508540216c988c84fd86d432c28781fe2346dca45b149dffd4a5be02f85993584cd09c32bbf216ec7e5b5473cafaeeb0e9c894f3092df6083be86ae2acaacc902f62fb57ba3768e8f83b9654e7b8aa54d62a22111ee39a018afdc9493ac942ed0fa7edf789ea4153f9be79fb2530ec77406f22db6f9be665bd3a4b5a988898c660beec633af32817aaeb17d1fecfbd30562209039372d6e23628461324eabf7e90452f843c2d4db1c9120c2517d5bfaae261be329f087fedde43907a66f15df95dac5de5746f31d593d980aea196f7c1905cf525504d70d6c6000978bb4a01e6a947b96efc7202c34d41943a4b0f0064d0d57f9e1f1da2af3047ddf929136509a555e471e2930245e714097130a8679f9db7f2180b7da8b8d71e06f2e7209e5bd2b4cc338db6844001a5b3516127d8630186a34c4dbc777468b3b92507fc057b8fd84a74f078698d170b0cc1cd24fb288eebf0e92f58ce95d2d91c3128807493adac693a4d78c77b96fd66b23680cd9f00ff7af3e25b4098ad753fd60b6cd61b9ee0399c8c8e4ea61f6b38393ec472e2b44581eecd0814c0ef064d613eedd52be9c23996c016f2bcbd112c1fc16f79b462e6fa4858db9e55f8aacc89c90f0318d87b48ffd8a1c39c2b856e372b601f96ccdd14729c5b6b1a3d10baae3bc613a097724e535cf098d41678590712f5c9e36269f560c9689c9dbfbc6db0782f72e81489f968a41e97f61ce363697d6e65407a040aebd595363d34275e7a599434037b50f5aa2ca903333542ae32802598b467cfb2a869193025422ac9bab32a88d080577d40728e0ad223dbf0f284a040e3219bb619845a234786ab9f19ef14324cadce0d5d81bcdccb1ba70bdfb8a97f98d98950c54eea789c2154ff5e0bc9d9196f9c3136e5f947bff301e809d1fa1dbfe333d342ca8396898f894ee4e30b55a244b09c3c2636f00cfc865a351ae841ab550cd457795a177db9865b67e8035d885b4fde8432992f971372a6f2bab6864387fb57b89bbf0780d776e007bfc4268055b8414f66c472150554e1b87df8f66ac3a175e2c532d2cefd5d8b7ef2d174592991ed328e171965b0cce2858637da554ad3bb9870230c753aad5dc95bda68c3edd7ea7e5a066aca17b4d500115056c560707545f89d80ca333ebb6a7d820b41fb203eae1b6cdc7e66d66514c9b38e59a6fff59d5d153e3a1900d41905eaaae538060c98ac869f0b5c8f1dcfc257b3d0049fe718db2975b3ea229af3005605514ca6bdde7cd32a7942d5a66086e42ddaa013e87ff35d6daf73ac27f005d676ac972ea8c4bb3310ae949c4a1b08df33e48e3599cc94f4cbc3e618b782b58f7bee58bf4621d041d6ad7a203892e7b6a35d87d643c1e07332dd0c5349b25f91d12424c197e346e96526ec0faf1ecc32a6dac6d7a70e577a84621c52b620a55323df2dfc3735f8b8ef8fe0297c4cee6b86d64023d9450d2c6c12107c55ac948a50b3d192d3933a34bf38fba8e489297b7134a0014a86d9c620a7dad16311c624f1ed37afc3d236907196438d46cd6047666dabf1810717b70a9c3bd487de443c9ca3e29f6799bbf40b5b1d7d6a51886b2a24ea42f1e12de3c4d332bb0a7663f75a2f20f94a14c2df5daaf599541b18980b6c20fe4e26f7adf86da40b8f598b0fb4ad321d535b0dfd30908b639fab9146b997474d472c1ede7b975933b63a2f3b2be0b39b921b8970c0e76bf1f7702c34275578a984950c48def802797e445cc1d012fab90d29ba273225dff55d1aad7c50b557f8046167dd73f5b03af3932922d5eb8a6213ce44488780e87687d108e6ff79ec0154b1901035a8163c90654f4bf3e2261fa80cdf3dc38084b76f10621aced8ae284a6e5341b596aedbb0a44e4ffbc6ede251b14b4cdb26fcbc8ae00abc8fb58ead918905085f6ff4ce0b399fd4a08fff9923101e311dba681d590e161e92e6769e38d8bdc86a45087b46c52cf02e18fcd4c14ce898addc8808bb1bc6b9bcbb9f963f42b142aa91e9b104d29d23da068d5ead6992d32b5f440a1f590d19685aac27bab0704c3749915f7da5963b2cf19d53e6f4b3bdead72776037891e30b2f809bb46e44fe23aa0906e4f7c7328674fb3587016837c120cda8da0528899c7026e238008728d7a5d206e563f02328e8e4ffbcbf95788b0892fa56fc725d066420242fa7c3100b6d99a0f93d6084d55738322324f367bdb0c84fce781cf2a97bb96ae0887f111ad0d4cd6acea1343ff299460b9158b868a1a65efa7cd7f42ac19e94f1a92bd0aef779b3dc30332e9cbcb1c6e38a41f4983f98711afaa425abe1b3d9df313c8b432e37becaee9866d263794932720d7c0065eeed0570419d24cf1a465b9a12093f88aeeb198240b8a7f46a626875d223d9ed1e307e6419039185f80e65c4219c6f6633cce96395a9bd4bfa14c176a57ca755c7fbb10510c15f16348e3514d777911d9332ec666fec122c29caaf764da2a819445e21fd8fd29ea673495c7eae61a4662b5c026514dd36ce8e793e46fdb7b9620972b276a9aabb70362c2cda9e1010e43b483586389d3eb900b33fb81883f8775f9010257288d94d00bdc7306cd15fc02947932a39ec05a335c6939bb0b237fac531e8184af1ea97ea9da8736fcbae18db9af1249eacdfb524b16236f1b350976e0084e51732a788be0578749a769daf7c29d66a459808d1005be5be6e000cc7e5a6ce2d09663e808bc4b885b4c213af419e9153c03c6411b16bf7a6e6ee2f3b4438cc233ecf6d36a1fbeb6d7e3192cebb2a6a1e39b992901e1b1e84f53f57d8848ddaff82278f33ea32ed7e3f0fc2b0d00dc1def63fd95bebf5da1dad855319254e4eb31f2ca7b2c2680c60b9f73392ca4830be2069d92c0420b3ee52d9c0e9704ab50f7f7c38e3f54829af9334014ac2871748b1d59b59c41d20df9788e8375b3ec1c66943cdbe54b42184b63b2e027d4488d758f8fcd48288be30672ef12c68044dbcb3d55d2b866dc61ac387580a00ab94d83c73dacf97a65d3debfbd3401332966381a41000d954592647fd20ea37673ee569ec8ae0bbe12a6cdb582666fe4ba1f35def14c13be0e365d089d1e09550746f624859d7c79755103e1d63b90d3c1b6948ebfe03a6a214237695e6a8ef21680051db8c1ffc85862d6117712b3fd6240f44e49b466afd4d5b0f396d8e964e7b7266548a097d1ca5fafb3f75b09dd67e027c1a0ef3a24690ed27ec0d01053fd08e6cc72011152adedf8393e451c349ac49c2b2efd13a6ae5d48bc23ff4b559ae4bb83cc832f8b7bfcf2b3a89c846748d280911ecd0e8f932f85628a67b6a47a531b27c6ff689042b6f265f5472609e4117a9f69e701edf066c920c941d896a696199eaa3eca5c4b4c3d27cea617cb2223e82f7e411fbc381fb4efbe00f8948b8cf01c05e10b4190c71a93f74807a488db16d433a8b9e8312963e3a1850ad9176dae062924987cf7b9317088496117d68bf614ce043756f0ac5dbed353f53fe61b91528a023b409d906d7c72c54a973068032f9644a2575f920a4ffc6ed5415406aa74cb59ba14fbcbc5c1b015335647b84d9a4d516cd36a25abd0eeeb74f2f2a3e3fe12cbf5e9aec76db5628513ad2630f5edafdc20d01985d1016619f7c2e67e50355430dec59eedb14e39ac3818f5930724870b264e536fedeedea5ad608538367e26dd7c6c217df7daa42cbcab8fbc55d592e315f9564e4665af21fba915d62818222a391d1cd594652f505673e7ae8ded1cd9935cf7347f8d4c7ade994fbd4131e50a82f1ca2188436333b4e4a0e2212ce7eb3c5d69dc2acd742f2c4021fe5aa6a18bd135cb379c52f678154fb4d2ab03d8e18b74dea3f1b6f128442a656a4323c1b77ead2acf5c0af2e4971ea61e25e26297a770d2f2004f7b164bce858706dbdda1f2c4fe2d578ca65c539f5089e59bb0df17c85b58c452dfb96a3a9d4ddcd327c9cad2347e17720c8fbf46a98722a3ee4d36273be620cc1ff1773a3d2b4ebeaf9fa48932efa758241a075a03dacca9e9bad0b39b4fe1481713111fd02bf85fd51eece0ae0313d549e8830540bcf9e76d60f1d56b03ecc8bac480a9b46678c7e6b435c3e75e8774aabb66867db1f1470545d0d76a6591b8547ab5f158a3225a603c551f49e9f82819c0e2276bd04e500ef38a26114f9412bb29d83f37bc19f82c507b7f045c422014aa390051ac9dc48da369c1ac94686594cf0ecbe5ce614542a33", 0x1000}], 0x6)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0xcbd761877198161b, 0x0)
ioctl$NS_GET_PARENT(r3, 0xb702, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)={0x0, <r5=>0x0})
r6 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r6)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x212, &(0x7f00000003c0)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x4, 0xb, 0x2, 0xffff}, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0xfffffffffffffff5)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, r7}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r7}, 0xc)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r7}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r5, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00', r7}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00', r7}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r7}, 0xc)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000003740)={r7}, 0xc)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r10, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="009f720007000000fe0d11c38aac10e903f76567f45db608fb128680232752e7195fe6cbe03d01bc58fb83e8529819417e29b8be65724274cc7f0000008b209699f5b153c0e17355f6fcd265c8e3cd073992ed2b0d5d052f", @ANYRESOCT=0x0, @ANYRES32=r10])

23:32:30 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000100))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r1, 0x540b, 0x2)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x40100, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f00000000c0)=0x1)
r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x9, 0x400800)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x336)

23:32:30 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x62, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e9", 0x18}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  809.070101] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
23:32:30 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="db07000000800800"])

23:32:30 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x10000, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="73797a31155f9ea2d7806caf1758e3544617261b682b3d38548541be7d0bc0e7ea79e421949ed05f05086d3b484255e3ffe897b3417f58a72258075acc472858c0b6341ab0ca4983d35c43d77abf254c91e96bf38d518aeaa01467375dbecc33ef9a1323ba023df8e95bdeee64b306bef4022b00469e9bbc7f39d9bc0c"], 0x86)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)=0x6)

23:32:30 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x63, 0x0, 0x0, 0x0, 0x0, 0x0})

[  809.288787] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
23:32:30 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae8a, &(0x7f0000000080))

[  809.431821] audit: type=1804 audit(1578871950.557:2946): pid=14547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1276/bus" dev="sda1" ino=16978 res=1
23:32:30 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x64, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 0:
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000100))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:30 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x2, 0x0, 0x0, 0x0})

23:32:30 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_open_pts(r0, 0x600)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x80001, 0x0)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={<r4=>r3, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000040)={r3, @in6={{0xa, 0x4e23, 0x5, @mcast2, 0x2}}, 0x5, 0xf70, 0x80000000, 0x1ff, 0x1, 0x5, 0x20}, &(0x7f0000000100)=0x9c)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000000140)={r4, 0xef}, 0x8)
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r6, 0x84, 0x21, &(0x7f0000000180), &(0x7f00000001c0)=0x4)

23:32:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x84408200}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, 0x0, 0x180, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x24, 0x22, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}]}, @NL80211_ATTR_WIPHY={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

[  809.659282] audit: type=1800 audit(1578871950.597:2947): pid=14547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16978 res=0
23:32:30 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:30 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x1000000, 0x0, 0x0, 0x0})

23:32:30 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x65, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:30 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="020000800000a000f8242c0a1f97d8843ddde79ba72d5416e0a76a0c37af2b7dac262c01315f08a50ff6339fd0f9cc9e8a8b8a5656e514760c9537e6b7a38ba877f0e5ce42209dd127d44db5bc8af89eb86838e0d8ce683a3a999210c72e2d27259e3865e2755c53a748d6fe287655097ca3d1ec8918d2d1f47b4a9864b9651c6c4c96f3a9e27be3f989c56c900132b3a7030d3e64e1f9e1569876b1dd51e23c4481eedfd809d2d01e27e715d8465239b5ed0f74d72fb45f32ffa2a14ef036c424dfef91049495493575f377ba3bd4fed1e0f1cce0be75073813cd76fac7d991b71f9fa93aa4e0e49d5a00cd3d7b71d0"])

23:32:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x2000000, 0x0, 0x0, 0x0})

23:32:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000080))

[  809.968125] audit: type=1804 audit(1578871951.077:2948): pid=14606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1277/bus" dev="sda1" ino=17201 res=1
23:32:31 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x66, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:31 executing program 1:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0xb0237ad489785d21, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000007080)=0x20, 0x4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r1, 0x540b, 0x2)

[  810.166955] audit: type=1800 audit(1578871951.107:2949): pid=14606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17201 res=0
23:32:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0})

23:32:31 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={r3}, &(0x7f0000000040)=0x14)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={r3, 0x80000000}, 0x8)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r4, 0x540b, 0x2)

23:32:31 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x67, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:31 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="00ea00000000"])

23:32:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0})

23:32:31 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x97, 0x2, 0x78ae, 0x5, 0x3a1a, 0xfe})

23:32:31 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x68, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:31 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
syz_open_pts(r0, 0x8004)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000040)={0xf7, "8577f2eac6a918325f1f64534471ab6e322c1ec71a3fb47c8b6dbf6b4768da1288dfe908d1c3199361773b60e3157276ddeb9d6edb4f6d576b4dc044082124cdd52f73ab822ec3e823b0586685ad8bff2c51b8d27123709b1d8a2eac7893a69ceef2543a2b1b2b614d385dfa22fa941612885ce49b0a6ce00705d3a6c7d707dc6a11ad4665f19baca04465b0be568df18c5f2f0ffdb0db7ca7b42f1a6434b33ab0430c01e7bf4e9b8b9622852877275a283965fb62a4ae59d9e035d3d1db5eafc3a6ac9e04938d0b4b45e99402192aaa7ced4c8bbb3f7ea9c0d890d75855eb03a03440309912eb10a52f0814e003376f1efab4a965cf109b04dadc9bd421b6d97f6f8c2860eae9dbb54d11a7215f6210e0cf893c359be6076e1c8733a036b26089a34bda8a52cc5188a0946373ea34e2ac9f24a71f21cf91cce90cf17f1eed56ff78d008d8dbc359fee0823effdc6c4b7b7158430fc78f7da56ea8607fedd6be527f84e7d5fd4b8fdc2bd5d0f6bf8bccc7b0baa384905a9a7b7663cf206434971543f1ca653c07c948e2645a06d821ec1db34289a2c492a3702653ed77ccbfa21786ac39ad2940e8faaf31382f9ce31c801598818808adb053b432dfa22bc8c80bacd55ef8e400fb9875dda8901f0fe6e3a7a690c070198aa9f73fb93214c12c8ea212eb4aed8385687c2787cf6051102b084aeb62414b4d0915913d2800712d"})

23:32:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="030000000000000002000000020000000100000001000000ffffff7f750d000020000000000000000000000000000000080000800080000000000000020000005d00000001000000ffffff7f0000000000000000000000001a383db894ed31c3dcac9c4bf5ab76560400000007000000020000000300000006000000060000006907000000000000000000000000000055fcc011ff858f9edb08a5f7005bb17da8d9ba5585ec68ecbc5497bd169ec47e905d46e40e0b3b08235e112003adb93057212fbafa05fe1c425a22957e3c539be6ae6529017d51dd959fdf3c34b497d69890500980250cf47313b34f3c64ed59bb4814baef6ecf767a8d0c60cc87dd9767c8ca7e68a7638a97c5c10d3b8b188aa67f8a053e03a447098a24504471dfc701d4c3c740e7b22ceeb938b4a5ecb658f4f9bcc95074209eb3533870e16cc5a0b76891cb90"])

23:32:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/47)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:31 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:32 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x69, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:32 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x2, 0x0, 0x0})

23:32:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000240)={0x6, 0x0, [{0x4, 0x1000, 0xb, 0x8, 0xa8d5, 0x60}, {0x120000008, 0x1, 0xb0b0c8e93c8059e2, 0x0, 0x0, 0xffffff80, 0x17}, {0x7, 0x800, 0x2, 0xb32, 0x1, 0x40, 0xa4}, {0x0, 0x3, 0x0, 0x1, 0x5, 0x9, 0x10000}, {0x1, 0x20, 0x2, 0x5, 0x5, 0x586, 0x401}, {0x1, 0x7fffffff, 0x5, 0x4, 0x2e07, 0x3, 0x9}]})

23:32:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\a\x00'])

23:32:32 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x80, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000080)={0x0, 0x4, 0x4, <r2=>r1, 0x0, &(0x7f0000000040)={0x9f0901, 0x3, [], @p_u32=&(0x7f0000000000)=0xffc}})
ioctl$TCGETS2(r2, 0x802c542a, &(0x7f00000000c0))
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3)

23:32:32 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x1000000, 0x0, 0x0})

23:32:32 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r2, &(0x7f0000000080)=""/58, 0x3a, 0x2000, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @remote, 0x200}, 0x1c)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:32:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b01000000000000006720424c8f12c68cb03dd5461895ce"])
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000100)=""/7)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r6, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r7 = dup3(r3, r6, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r7, 0x541c, &(0x7f0000000000))
getsockopt$PNPIPE_ENCAP(r7, 0x113, 0x1, &(0x7f00000001c0), &(0x7f0000000140)=0x4)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x41, 0x0)
r9 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r10 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r11=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r9, 0x84, 0x1, &(0x7f0000000000)={r11}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={r11, 0x8}, &(0x7f0000000280)=0xc)
pipe(&(0x7f0000000040))
r12 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r12, 0x4008ae8a, &(0x7f0000000080))

23:32:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000000))
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:32 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x2000000, 0x0, 0x0})

23:32:32 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:32 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000000)=0x2)
syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x1000, 0x1ca2a51c117c636e)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r1, 0x40184152, &(0x7f0000000180)={0x0, &(0x7f0000000140)=[&(0x7f0000000080)="03b886a3280d30a7c873942c5b4886bd0279feda3ead9013a0c3520e4f374de0cefc9f529e4bed6269ee92bd1307488f873d65acdcdbd59b59d1b3d8dfef86ba3d843858c7de8ec0da77da0a794d97ff357e59a08ac4f2072158f7e1dbaed8449b03978976962531ad36798014d82e1695d3568e82a41ed531cdd16e9bc20e63cac372ccb561d284908f2f9a191acadf87f82320fcc8493186a0864f0dd57ff6ce5946"], 0x6})

23:32:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0xfdfdffff, 0x0, 0x0})

23:32:32 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0})

23:32:32 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x0)

23:32:33 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:33 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000100)={'nat\x00'}, &(0x7f0000000180)=0x78)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00')
ioctl$SOUND_PCM_READ_RATE(r2, 0x80045002, &(0x7f0000000080))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000000))
ioctl$KDFONTOP_GET(r3, 0x4b72, &(0x7f00000001c0)={0x1, 0x1, 0x1c, 0x1d, 0x86, &(0x7f0000000400)})
ioctl$TCFLSH(r0, 0x540b, 0x2)
r4 = epoll_create1(0x0)
r5 = epoll_create1(0x0)
close(r4)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000c85000))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00000000c0)={0x2002})

23:32:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@generic, &(0x7f00000000c0)=0x80, 0x80800)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000140)={0xffff, 0x81234a78ae025644, 0x4, 0x70000, 0x200, {0x77359400}, {0x3, 0x3, 0x73, 0xfd, 0xa2, 0x2, "a1a6cdfa"}, 0x7, 0x4, @fd, 0x400, 0x0, <r6=>r5})
ioctl$DRM_IOCTL_SET_VERSION(r6, 0xc0106407, &(0x7f00000001c0)={0x9, 0x401, 0x4, 0x1f})
connect$bt_rfcomm(r3, &(0x7f0000000100)={0x1f, {0x6, 0x2, 0x11, 0x5, 0x3}}, 0xa)

23:32:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:33 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:33 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:33 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x100, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f00000001c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000040)}}, 0x10)

23:32:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x2, 0x0})

23:32:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="5a7d29e0332675b59e739fe58b1d14ac5e9ff11423dd85950639582b808d219e94ba9a5a80f5e714ccd09a48e4baf3b7fb535ac2397c03139ce04053d024ce24f04c1daf493ddb72211f71cd15c860a297b48223ae25eeef588f6a2c95a9a499e93bf877bfac2116826ea6251fed52a0314567d6b2dcc88fa7458396dddb50cc3e3e0cce12380cbcf26da509f6a9ff410274a2c6de5975ebb7b429fb8acb40d27122ee2de62cdb6c577a3355f1ffb7e260adb584b39a849cbf18efd1eab5e2ba8b78da833991b9b67b1635cb"])
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000000)={0x1, [0x9092]}, &(0x7f0000000040)=0x6)

23:32:33 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x6f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x1000000, 0x0})

23:32:33 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x70, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:33 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x2000000, 0x9, 0x20, 0x0, 0x0})
r3 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x3f)
ioctl$TCFLSH(r3, 0x540b, 0x2)

23:32:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x2000000, 0x0})

23:32:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
accept4$alg(r2, 0x0, 0x0, 0x81800)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))
restart_syscall()

23:32:33 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x71, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x1, 0x40, 0xfffe})

23:32:34 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0xfdfdffff, 0x0})

23:32:34 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x72, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 1:
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x20800, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0xff}, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r1, 0x540b, 0x2)

23:32:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0})

23:32:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_bt_cmtp_CMTPCONNADD(r4, 0x400443c8, &(0x7f00000000c0)={r5, 0x38000})
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x1}, &(0x7f0000000040)=0x8)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)={0x6666666666666bd})

23:32:34 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x73, 0x0, 0x0, 0x0, 0x0, 0x0})

[  813.240082] kauditd_printk_skb: 8 callbacks suppressed
[  813.240099] audit: type=1804 audit(1578871954.337:2958): pid=14874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1282/bus" dev="sda1" ino=17329 res=1
23:32:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x5, 0x2, 0x3, 0x5, "727a7cc5123930f0"})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x74, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={<r1=>0x0, 0x3, 0xc1, 0x3ff, 0x3ff, 0x7ff, 0x1ff, 0x7, {0x0, @in={{0x2, 0x9, @empty}}, 0x3, 0x1ff, 0x0, 0x1f, 0x7}}, &(0x7f0000000000)=0xb0)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000240)={r1, @in6={{0xa, 0x4e20, 0x6, @rand_addr="10ec9f6b35913b65780e4f82a5d48ea7", 0x1}}}, 0x84)
socket$inet(0x2, 0x5, 0xd3)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080))

[  813.468297] audit: type=1800 audit(1578871954.417:2959): pid=14874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17329 res=0
23:32:34 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="01438903b800000000000204000000000f00000000000000000000000000c1ea0000"])
socket$inet6_dccp(0xa, 0x6, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
accept$phonet_pipe(r4, &(0x7f0000000000), &(0x7f0000000040)=0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r7, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r8 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r9, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x4, 0x3, 0xe, 0x1, "4c78a43492a16fb8e86f95b320ed0a3dc26fc8fffec136fe15e8f9eea375529383dbc0e8e35e72f9a51261e34dada621bc6a4099d90dbb8a4dc1e0ced892748b", "79521c3e7dd1cc4befa7201fd57b3bef430ac0f8b78af7490ddb2a86e53f9749", [0x4, 0x3]})
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r9, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f0000000080)={0x0, 0x100000, <r10=>r9})
r11 = dup(r10)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
rt_sigaction(0x11, 0x0, 0x0, 0x8, &(0x7f0000000200))
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket(0x2b, 0x80000, 0x8)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'ip6_vti0\x00', {0x2, 0x4e24, @multicast2}})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:34 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x75, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:34 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000000c0)={0x9f0000, 0x401, 0x80, <r5=>r4, 0x0, &(0x7f0000000040)={0x9b0972, 0x9, [], @value=0x20}})
ioctl$DRM_IOCTL_DMA(r5, 0xc0406429, &(0x7f0000000240)={0x0, 0x6, &(0x7f0000000100)=[0x4, 0x6, 0x81, 0x797aca1f, 0x401, 0x9], &(0x7f0000000140)=[0x7, 0x4a], 0x12, 0x1, 0xffffffff, &(0x7f0000000180)=[0x29a], &(0x7f00000001c0)=[0x6, 0x1, 0x7, 0xc986, 0x2, 0x400]})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:35 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x76, 0x0, 0x0, 0x0, 0x0, 0x0})

[  813.936905] audit: type=1804 audit(1578871955.047:2960): pid=14931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1283/bus" dev="sda1" ino=17105 res=1
23:32:35 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
accept4$unix(r4, &(0x7f0000000040), &(0x7f0000000100)=0x6e, 0x800)
ioctl$KVM_S390_UCAS_UNMAP(r3, 0x4018ae51, &(0x7f0000000000)={0x200})

23:32:35 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0xa80, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCGPTLCK(r2, 0x80045439, &(0x7f0000000040))
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

[  814.060267] audit: type=1800 audit(1578871955.067:2961): pid=14931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17105 res=0
23:32:35 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x77, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:35 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = dup3(0xffffffffffffffff, r2, 0x80000)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000780)={&(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/diskstats\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000040)={0x980000, 0x101, 0x0, r5, 0x0, &(0x7f0000000000)={0x9e0901, 0x43, [], @p_u16=&(0x7f00000001c0)=0x4}})
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_DQBUF(r6, 0xc0585611, &(0x7f00000000c0)={0xe43, 0xb, 0x4, 0x0, 0x17c, {}, {0x3, 0x1, 0x81, 0x2, 0x0, 0x1f, "f9629d0d"}, 0xad9, 0x4, @planes=&(0x7f0000000080)={0x4, 0x610b, @userptr=0x9}, 0x3})
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDGKBSENT(r7, 0x4b48, &(0x7f0000000400)={0x81, "fb84652cb542a60a1e883c4077d8c5bef2e0cdcf8033320c20d5d033ec24767cee65ec65013b044016d1b3fab1ea8e462c7d9750005ab0376322971066eda239abef2efdb60d57c59605fcc2033f2bcd7c3410ea0afaeb91baf0132f4ef7bc8d41780e8a669f0bd0b98f823d01bf1b2243d510641b740b5ae708722c3e1e481f007be558895f82cdbc4eda863d5718913bce21910b265eb45e1ad184b70a86c127be9a003d9dfc2dedce8be2dd4a848152e1f7a565e1151dd9153eadad7f95a95dfa3658af4de4630d3d9133022032120fb5f756f1b3e2ed158870c8e0fe56a6c06d642e84800651a108d6ed80160423eea8f1567a180299185c99eaac693a86d49872115beb55547b3c9000c2e57c1e495f2357793b9ed13e26077f540d806774b377f10982d9bd409796de5a7fe140cedb77a2de8afedc8e6227c887cea79e3c40b93c48f4d2334a630d15775a8131eaddf1a5b84065edfaa4ef80c53b54c2106382cc402a292e6d790b4c91ff0f52fb2d25841c4dd40ba95f0c8d11ba9b4c2d18561b435cc1779dd66bc7faeaff66f44e5aa11841e5547d8932be8792e8b54ce6e936b87fa9ccadf01934499d793f76f4714ad58b5562e65d89639983a74237834dbcb8d0b59eb291f9e38cf706f7781f1f3832c70dbaad57dba5dcb5b9c44de6f6c400b8a6805e2a563c8e56e47d6b3de288c9dfb07a7416924cd43866b6"})
ioctl$IMCLEAR_L2(r6, 0x80044946, &(0x7f0000000280))
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r9, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$nl_crypto(r9, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000640)=@upd={0xe8, 0x12, 0x4, 0x70bd2d, 0x25dfdbfc, {{'aegis128l-generic\x00'}, [], [], 0x2000, 0x2400}, [{0x8, 0x1, 0x2}]}, 0xe8}, 0x1, 0x0, 0x0, 0x8008}, 0x40)
r10 = dup(r8)
ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x8b05, &(0x7f0000000000)='wlan0\x00')
r11 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r12 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r12, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r12, 0x0, 0x48c, &(0x7f0000000140)={0x2, 'veth0_to_team\x00', 0x4}, 0x18)
ioctl$KDFONTOP_SET_DEF(r11, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCFLSH(r11, 0x540b, 0x2)

23:32:35 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x78, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x8000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

23:32:35 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x20, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x20000, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VHOST_SET_LOG_BASE(r5, 0x4008af04, &(0x7f0000000500)=&(0x7f00000004c0))
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x6)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0xc36cc48c734dcce6, 0x0)
syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x6, 0x4080)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1ffffffffffe)
timer_create(0x2, &(0x7f0000000740)={0x0, 0x1c, 0x0, @thr={&(0x7f0000000540)="e70798c722d550bd98c7885ea8cd9226f42e299ed4deae9f97c32e0f60cf40790dcca12f652946aff2f8e2efcb889417b869621c53e5582e5dd8ebc1a7f58c70d6a3cc3ffc09755c6b8768871051e990611a07fb126451d6cefaf627024320d09e5728be107ccdaf970f8e6c56d5caab28208320a77eab071aca94a3cd486a93491b1075cc3161fc6d88b7d51d2f4f9197136ee743f1ccee73dc0026746aaf98df45c634a3bda0068934291e5da25078b3e2cf89b1a32685f2c37aa5885b13aeaf0a84b43bf2a561bbc4078fa3b1f6297a17510a749c2c40a97e64ccc4af7052d44509fb3271990b21aa9012b5ba62", &(0x7f0000000640)="fb9396049712b00857eae58d2d35e5263241fb4d99571c049fa4e6c8c748b849c8d88ab2fc250f4d9a9e3e19af6f485793ce4fad0325d74db3d92abb7a9269bb96ff4a725fbfea8a6f70670a34ca7dac206342de72fad61aafc85332a4e80146ad6ee7245157e14b95b1776501377adc20fdfdef787fc1d96f69797d09fcaafadf788277445289254de97f6444a26294463be550f2bddc40b7e1f222546349e0a60e665eeb137ba21dd25d744911bcfcf9815fd58c6e0312897deb009f179456f7e9b57fe1bb725eaa17253dd8fcf32c6d6172075459a32dbbf8"}}, &(0x7f0000000780))
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000040)={0xa20000, 0xa3c2, 0x20, <r8=>r3, 0x0, &(0x7f0000000000)={0x9909e1, 0x9, [], @value64=0x1}})
ioctl$KVM_GET_TSC_KHZ(r8, 0xaea3)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000b0601000000000000000000000000000500010007000000ac0e930a3c4815da79c3dc7e1f737f4fe5c597879deda4fe7bf398064b7760482c4f1b73a2aa860097334c880d87748f5852626176eefe66f38b50f0d10c6e581321d8f45a4626f29aea2a901acd9fd69be3d4cc46f9683b8dc3c656f85c1cb3b76c9d8acb4e506f2d0e65cf02b485cffd16318724419da6b58b9b8a00"/168], 0x1c}}, 0x0)
clock_gettime(0x0, &(0x7f0000000480)={<r10=>0x0, <r11=>0x0})
r12 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r12, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_QBUF(r12, 0xc058560f, &(0x7f00000007c0)={0x2, 0x1, 0x4, 0x1000000, 0xfffffc00, {0x77359400}, {0x5, 0x1, 0x3, 0x1c, 0x8, 0x9, "de9f055d"}, 0x7ff, 0x1, @fd=r4, 0x6, 0x0, <r13=>0xffffffffffffffff})
ioctl$VIDIOC_QBUF(r13, 0xc058560f, &(0x7f0000000300)={0x47c00000, 0x6, 0x4, 0x2, 0x7fffffff, {r10, r11/1000+10000}, {0x5, 0x2, 0x0, 0x4, 0x20, 0x1, "0600"}, 0x7a48, 0x4, @userptr, 0xfffffffe, 0x0, <r14=>r4})
ioctl$FS_IOC_SETVERSION(r14, 0x40087602, &(0x7f0000000440))

23:32:35 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:35 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x79, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080))

23:32:35 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r1, 0x4b72, &(0x7f0000000080)={0x3, 0x0, 0x3, 0xd, 0x1e3, &(0x7f0000000440)})
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400400, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000000040)={0x2, 0x6, 0x5, 0x1})
exit_group(0x2)

[  814.747745] audit: type=1804 audit(1578871955.847:2962): pid=14996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1284/bus" dev="sda1" ino=16677 res=1
23:32:36 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
inotify_init1(0xc00)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x410100)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000100)={r3, 0x367, &(0x7f00000000c0)={&(0x7f0000000400)=""/4096, 0x1000, <r4=>0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=r4, 0x4)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000180)={0x0, @loopback}, &(0x7f00000001c0)=0xc)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
renameat2(r1, &(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000080)='./file0\x00', 0x2)

23:32:36 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x7a, 0x0, 0x0, 0x0, 0x0, 0x0})

[  814.898478] audit: type=1800 audit(1578871955.877:2963): pid=14996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16677 res=0
23:32:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x0, 0x34af, 0x1, 0x6, 0x19, "f3f47a7bd6bf1eb0b03b3ac31b85551fae280e"})

23:32:36 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$isdn(0x22, 0x3, 0x26)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendto$l2tp(r1, &(0x7f0000000000)="f8d13d0a17bb71976643f69346951dbd73af883462e86f8f5ad65ac347791c8b8476b33ae4ddf5c9", 0x28, 0x40180, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0xfd60, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000000b0607b041518c2101080000000000000500010007000000800200000073ad339573f25ddabc8a6564985d04ad3f242ed68359e59668decbdf30807470ba46bc54dd1484edfee03c0d18ab8201545b56178b07595dcbe22fe6d4af414f6d57f0c31d2176d02acd904354d45eb26de40d814af2d7b027012e6e63a6716ffe7cd90f08bc83ba9583f02e29c7a11e6d16ad2940daf3218c0454d3c1354a1c13ab1e4eb25462295eb176907131cdbf21010f6cf511d0d80a2675d49bdda690b7dedc2818ae82a0de88467af3b05268d3931899da2a72fb494c171d13011b401cb0d73577c046dc76eb8bd07c9151ce9c673f000000da520cb81c79bb79ba7280315cfb621860690383ee656a169b497a90111a8f824eef2ac713ca7e2d2923de18a0d20e"], 0x1c}}, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f0000000080)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f00000000c0)=0x2c)

23:32:36 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:36 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x7b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:36 executing program 1:
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0)

23:32:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000180)=[@sack_perm, @sack_perm], 0x2)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_DISABLE_BEARER(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8040420}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r5, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x14, 0x13, @l2={'ib', 0x3a, 'veth1_vlan\x00'}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x6040}, 0x20000000)

23:32:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x541c, &(0x7f0000000000))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  815.335747] audit: type=1804 audit(1578871956.437:2964): pid=15035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1285/bus" dev="sda1" ino=16677 res=1
23:32:36 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0xfff8, 0x44b, 0x2, 0x8, 0x9, "9a41363fca4e32ff"})

23:32:36 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x7c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x2ac)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000040)="632a63a6a2ecf0d3edfc9a28b2563b33cdb8034494f620c819c63ea8e495a4df94504f7d855eddae32b27491580ab3fe09048d692e06409c3372b87624152507ff43c56f74dbebcc492c10d67bb43be7f8cae2195905e4a69f6d0fe9098bda70adb95fe4b4e665ed91271dbfd5f8736a61c9f321ddc7040200658cd03d500c38dcc86f34cd3ad676834b893c2d2e9496f29305e1254b755daaea2fa3b7b3d3aee9c9fc3a05796204687f873caf95477d2e9df0b8f1be2f46dff3927f844fc1bd60")
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SIOCRSSL2CALL(r3, 0x89e2, &(0x7f0000000000)=@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0})

23:32:36 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b101", 0x2e}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  815.513741] audit: type=1800 audit(1578871956.467:2965): pid=15035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16677 res=0
23:32:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = gettid()
ptrace$setopts(0x4206, r3, 0x0, 0x0)
tkill(r3, 0x20)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0x0, &(0x7f0000000000)=""/101)

23:32:36 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x200000)

23:32:36 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x7d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket(0x28, 0x2, 0xa)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = accept(0xffffffffffffffff, &(0x7f0000000000)=@ax25={{}, [@remote, @bcast, @bcast, @netrom, @remote, @netrom, @netrom, @bcast]}, &(0x7f0000000080)=0x80)
setsockopt$inet_group_source_req(r1, 0x0, 0x2c, &(0x7f00000000c0)={0x7391, {{0x2, 0x4e21, @empty}}, {{0x2, 0x4e22, @loopback}}}, 0x108)
socket$unix(0x1, 0x2, 0x0)

[  815.805928] audit: type=1804 audit(1578871956.927:2966): pid=15078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1286/bus" dev="sda1" ino=17425 res=1
23:32:37 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:37 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x7e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00')
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80010c00}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xfffffff9, 0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x80)

[  815.930792] audit: type=1800 audit(1578871956.987:2967): pid=15078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17425 res=0
23:32:37 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000040), 0x4)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x40000, 0x0)
getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x8)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000140), &(0x7f0000000180)=0x30)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r4, 0x4b68, &(0x7f0000000000)={0xe3, 0x5, 0x8000})
ioctl$KDFONTOP_COPY(r2, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xc, 0x20000e, 0xfffffffc, 0x0})

23:32:37 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440)='l2tp\x00')
sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x28, r4, 0x1, 0x0, 0x0, {0x6}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'batadv0\x00'}]}, 0x28}}, 0x8000)
sendmsg$L2TP_CMD_SESSION_CREATE(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20100808}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x8, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4050850}, 0x6a800)
sendmsg$L2TP_CMD_SESSION_MODIFY(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r4, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x3}]}, 0x34}}, 0x0)

23:32:37 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b101", 0x2e}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000000)={0x5b7b751a6953feb})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getdents(0xffffffffffffff9c, &(0x7f00000000c0)=""/211, 0xd3)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

23:32:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x11, 0x139, 0x0})

23:32:37 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x82, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:37 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x83, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:37 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1cfeffff0a0601000000000000000000e5ff7f000500010007000000c46130091ad9168e38f7eb63176a4e4567eb5383af5eb3e35a54096f9151213cfb809ca8cf04805b35241fd39a82a4505b1c63e964f90cbac69691320432b2"], 0x1c}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000200))
ioctl$UI_GET_VERSION(r2, 0x8004552d, &(0x7f0000000240))
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_S_SELECTION(r3, 0xc040565f, &(0x7f00000001c0)={0x3, 0x287, 0x2, {0x6, 0x7, 0x40, 0x2}})
setsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000000080)=0x1, 0x4)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={<r4=>0x0}, &(0x7f0000000040)=0xc)
ioprio_get$pid(0x0, r4)

23:32:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000000))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
setsockopt(r2, 0xffffffff, 0x0, &(0x7f00000000c0)="9b80161d278ed3bf253ae92fd5b4cb538c24c73b26342f39718ce28461739a17bb741e6521ccd2d1a781d7d6dfef9d5e4ee73fe980df93024c9bb6013b87108b2c74e682bb", 0x45)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000280)={0xfffffff9, 0x400, 0x5, 0x2}, 0x14)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000180)='gtp\x00')
sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r5, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_O_TEI={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4001)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_PCM_IOCTL_STATUS32(r3, 0x806c4120, &(0x7f0000000040))
ioctl$TCFLSH(r1, 0x540b, 0x1)

23:32:37 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x4d, 0x10000)
sendmsg$kcm(r3, &(0x7f00000006c0)={&(0x7f00000000c0)=@sco={0x1f, {0x4, 0x1e, 0x5, 0x1, 0xe6, 0xb9}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000240)="1c3ab1c7b83fb6c88d69716c9accc50873085f0a999181aeef5268f416a44f4c79b2b5b1f69998d4dfbcd58c2f1bac0750a51f69b2ae60dff7c182f8656182ad8b720bcb8b2f6ef1eb85fdb990d9a5c6b4289a325d1230ea8de7e0d1fd4d1e715c1feedfabdd2cdd853837daa92bcb0da3400d803f8da295c6cceae6d95f376f1170a147955b2c248b21420049db351a8208ec93f1a63168f734281b0299aad576392ad0e279ca54458fb2ee2c314d5a413127b53f8ae807741dfa699bf2335f5ab98bb53c100db7e924ebb6bf90deac91dd1f0f7524e25d0fe86be28f285111c9459b2591aec06db1ead4293312fe4269c99643440fa6b4875a034e578f1f", 0xff}, {&(0x7f0000000340)="c715f9bce2e786152cbab9d42bbf2c087e3cb7f6ee998b86d4153ebbb4b5f918678c3d1e9d1f0c442fe7fb1497f7093c566db5e91e150731e8f00e8de7c4ce498b3695a4018a829c240c10be4b5884f3b62dcaa5c2b5d9dc5d0e7886305ad92824a26efc7d866a553d169fef6ddbcda33b57953e29d2112c196209d85e29b59a4ca2c7ef74ed888e704e967fb2162dcc4f26426ec8a0d2bb234001c0e07f7e83d41cf7df8aed15126e16fca404e7133a56e46fc7795f102caaa511d0cb25d217b9e73a0da3f52ad00932b7e7fc34ae294d29529349eb81cdd4911d910dbe22aa3ad406f7f3", 0xe5}, {&(0x7f0000000040)="7cb5fe803c4e62e6c608bde84e4ad108bccba8a357950153285dd09654c24f6d3eee987d2ab2f476b2d7879d8f688a2898cef0cfd5", 0x35}, {&(0x7f0000000140)="3ed2c3035b88aefc6c9ea5e752ee6c46240a8ea74ce840063a8e9ecbf8423d8f36841c39d966b3e3e1af2004fb84e3607600e824ba5c6d68f8c4e3a1bd689236bb6e6c806d4f1f4a48f8da3d8ea3633933be33f0aa6cd9d34954baee3be78d825532f12e13098fe7b9497eb6dfafcfd404ff5028cf6caf0b87d5b0182c3d883897da55", 0x83}, {&(0x7f0000000440)="26d075b419a78794a819b6312f27ca17d4f6e46c631b166006011901c19ba4fe98480654d0dcde6e65df98f874dca269c114b6e291ee570da54f70e3857fb7d50dc3cd1d6d52ac8fc70e3d2b7a3760eaa731517f4ea855b3878cb7a882873d93da84f7e8fdf5fd98c7280868e8b99dc9e049d6d9e0cbdc856c7f2beee79454798d75de585fcf7c67e13992b4f7a5606b7119dffbc7f6f81c33076cb6b84e14fed3142f6da19d0e620cd3d27b93c3ee61c1b73239", 0xb4}], 0x5, &(0x7f0000000580)=[{0x88, 0x213, 0x3, "645b19f8d6f36087b48ef387bccbc570ddd00fb7b009bb456852e64524e4ef0a1b10441b3b77d7c8d7667aadf85a0b9aa351b25209d3189794fb70b1313f6561801766399084deee3a4a0161bdccbb252eacae356d110c835bd0f6e3044259ae40eb6eb62bb2ab102c2f069309b2815fe8e9"}, {0x98, 0x3a, 0x3, "daf575b2514d208a903004cfde4dd22b139b2b340b052476fc16474d23539069edde71276ffbe64ec0842909b8c81acfb0801043758bafc799e97c8dc1dd008baebaa97e823180d5476106fbe96c8d9e111c0d99acea1869a0edcfdd7b03445a03f910299e0799e6078fe0d711f83210b53431a312e8853dceffa5cbb769f2e8051c82fd"}], 0x120}, 0x20040004)

23:32:37 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x2, 0x46, 0x1, 0x1, 0x6, "f99accaf4023d7a2"})
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video2\x00', 0x2, 0x0)

23:32:37 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b101", 0x2e}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x85, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001680)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000640)='/dev/zero\x00', 0x14000, 0x0)
ioctl$TUNGETFILTER(r2, 0x801054db, &(0x7f0000000680)=""/4096)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0xe816)
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000300)={@remote, @local, <r7=>0x0}, &(0x7f0000000340)=0xc)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x1d, r7}, 0x10, &(0x7f00000004c0)={&(0x7f0000000480)=@can={{0x2, 0x0, 0x0, 0x1}, 0x6, 0x2, 0x0, 0x0, "1b161ec802280ccc"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
sysfs$2(0x2, 0x8000, &(0x7f0000000540)=""/231)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
openat$cgroup_ro(r6, &(0x7f0000000140)='memory.current\x00', 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2459ef59fc6f8963013775a364f61d9659085ee4d4eb515fcebcbab97b29fef8899142000000000000cc8d8a74d56e631e57d58575be9ab3c1262a3d0ea5aae49fff76593c7d83ed72d3d1da3271354f5b58d6340447e70615b6f6e82c72c766492474e7ef91c9d7fd0f5c2cfcf08767925c5093ee314fa1d823fd487e5a187b1faf3e86651331f2f0ac021ec1c6edb72aa87813763d04a976eb2af8912f76b40ad4ddd22e25838d", @ANYRES16=r4, @ANYBLOB="3f02000000000000000001000000000000000c4100000088001462726f6164636173742d6c696e6b0000"], 0xa4}, 0x1, 0xfffffff0}, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f00000000c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2002}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, r4, 0x400, 0x70bd29, 0x25dfdbff, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x8002}, 0x4)

23:32:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x86, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:38 executing program 3:
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000000c0)={0x9f0000, 0x200, 0x6, <r0=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980924, 0x0, [], @p_u32=&(0x7f0000000000)=0x10000}})
setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000100)=0x10000, 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
bind$l2tp6(r2, &(0x7f0000000140)={0xa, 0x0, 0x9, @ipv4={[], [], @empty}, 0x5, 0x4}, 0x20)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000080)=0x8, 0x4)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000180)=ANY=[@ANYBLOB="0000002000458d000000000000eab0a19716690000000000000000c2de38388a8891baf9c131710161a851a85501ae3f376ea271577ab7878b938ed0020107ee49a124f9c4fcd4ed33b5b9117579ef51963515251a5b7a0435c73d1d06559ac0dceb57be893788d8d7d91da5b04100"/125])

23:32:38 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x1b, 0xfffffffc, 0x0})

23:32:38 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x87, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:38 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00')
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="05040000000000008600007e000000"], 0x14}}, 0x0)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)
r5 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000000240)=""/112, 0x349b7f55)
r6 = request_key(&(0x7f0000000300)='dns_resolver\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000400)='\'^+posix_acl_access\x00', r5)
keyctl$reject(0x13, r4, 0x90, 0x0, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000180)=0xe8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'ip6gre0\x00', <r9=>0x0})
r10 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ubi_ctrl\x00', 0x100, 0x0)
getsockopt$PNPIPE_INITSTATE(r10, 0x113, 0x4, &(0x7f0000000480), &(0x7f00000004c0)=0x4)
sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x40, r3, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r9}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x2}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x2, 0x2}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x10044006)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x8, 'vlan1\x00', {'team0\x00'}, 0x1f})

23:32:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDMKTONE(r0, 0x4b30, 0x7)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x9, 0x0, 0x10000, 0x0})

[  817.524494] encrypted_key: insufficient parameters specified
[  817.562557] encrypted_key: insufficient parameters specified
23:32:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x88, 0x0, 0x0, 0x0, 0x0, 0x0})

[  817.611148] encrypted_key: insufficient parameters specified
[  817.631854] encrypted_key: insufficient parameters specified
23:32:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$IOC_PR_PREEMPT_ABORT(r1, 0x401870cc, &(0x7f0000000100)={0x8, 0x7, 0x2, 0x4})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x20000, 0x0)
getsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000140)=[{}, {}, {}, {}, {}], &(0x7f00000000c0)=0x28)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f0000000000))

23:32:38 executing program 1:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x1200c0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000640)={0x53, 0x3, 0xc7, 0x40, @scatter={0x6, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)=""/128, 0x80}, {&(0x7f00000000c0)=""/139, 0x8b}, {&(0x7f0000000840)=""/220, 0xdc}, {&(0x7f0000000780)=""/134, 0x86}, {&(0x7f0000000300)=""/141, 0x8d}, {&(0x7f00000003c0)=""/16, 0x10}]}, &(0x7f0000000480)="6daeb0f218e94dba1637b85c8c097a56cb9bb63921b7a018f27aba944328bb5e9bb5665df4b8c1d3d84513455b28a82d37e3d33ce3338b1bec94ea42975e43819ac1e0d91cdd8faa407b3f115c6d0df892bb6db601d7689b5dc041039a08b0ad09c2244119c41e3690647ad251409f5dcd1958a2e831955cc98e70e7b017889a3c206d288e799f0dfaac316328eda5098e69ead17bf4e32e7e61432ff45cf1db5fb7a2d0b2b08f4cfab69762ff815dd690d20754fd0bae831ebbdb8991f923682d46f3e7261184", &(0x7f0000000580)=""/81, 0x3, 0x0, 0x1, &(0x7f0000000600)})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f00000006c0)='trusted.overlay.opaque\x00', &(0x7f0000000700)='y\x00', 0x2, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$EVIOCSABS3F(r2, 0x401845ff, &(0x7f0000000740)={0x996, 0x3f, 0x6, 0x3, 0x9})

23:32:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x89, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = gettid()
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30)
ptrace$setopts(0x4206, r4, 0x0, 0x0)
tkill(r4, 0x20)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={<r5=>r4, r1, 0x0, 0xd, &(0x7f00000001c0)='security$GPL\x00', 0xffffffffffffffff}, 0x30)
r6 = syz_open_dev$midi(&(0x7f0000000280)='/dev/midi#\x00', 0x3f, 0x511000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
kcmp(r5, 0x0, 0x0, r6, r8)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer\x00', 0x4041, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r10, 0x890c, &(0x7f0000000480)={@mcast2, @local, @loopback, 0x100, 0x8001, 0x0, 0x100, 0x6c9bf9b3, 0x100000, r13})
r14 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r15 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r15, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r16=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r14, 0x84, 0x1, &(0x7f0000000000)={r16}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r9, 0x84, 0x6d, &(0x7f00000000c0)={r16, 0x9, "cb2b880476f42dbf9e"}, &(0x7f0000000440)=0x11)
r17 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
tgkill(r5, 0xffffffffffffffff, 0xb)
syz_open_dev$audion(&(0x7f0000000340)='/dev/audio#\x00', 0x5, 0x40)
r18 = openat$cgroup_ro(r9, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r18, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r18, 0x84, 0x8, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$KVM_SET_CPUID2(r17, 0x4008ae8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="fdbf00be6da52f014e997bc2fae469f60f4963d083defc2962e3dc6ba06d19d0c9d853e2af46d3fb591802f375129e98ec5a6036094de3be6468f10a4016d1f649bfc950"])

23:32:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x4c, 0x0})
socket(0x21, 0x8000a, 0x1)

23:32:39 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:39 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x80, 0x0)
ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="8400"/72])
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSBRK(r2, 0x5427)

23:32:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:39 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, &(0x7f0000000080)=0x3f)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x3)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x1d, 0x12, 0x57, &(0x7f0000000400)})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000040)={0x6666666666669b9})

23:32:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x1, 0x0, 0xb, 0x0, 0x0})

23:32:39 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = gettid()
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x20)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/status\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x3b, 0x1, 0x1, 0x20, 0x0, 0x1, 0x82010, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x810, 0x9, 0x7f, 0x8, 0x0, 0x6}, r1, 0xb, r2, 0xb)
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x4ae, 0x1, 0x8, 0x8}]})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000140))
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000000)={0xff, 0x0, 0x0, 0x9aa, 0x5, [{0x4, 0x4d3c, 0x9, [], 0xd00}, {0x6, 0x2, 0x4, [], 0x2202}, {0xe7a, 0x9, 0x800, [], 0x363738a517aebad2}, {0x6, 0x0, 0x4, [], 0x1004}, {0x7, 0x8001, 0x8, [], 0x7015}]})

23:32:39 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x100, 0x0)
r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x101000, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="8102e974e343fc3ca001425f64cfecd703656966304f9f2e8ebc57065d647d1c"])

23:32:39 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000080)={0x9, 0xc, 0x4, 0x10, 0x7fffffff, {0x0, 0x7530}, {0x1, 0x0, 0x2, 0x20, 0x40, 0x6, "12a7c755"}, 0x5, 0x3, @planes=&(0x7f0000000240)={0x80000000, 0x6, @fd, 0x9}, 0x1, 0x0, <r3=>0xffffffffffffffff})
syz_open_pts(r3, 0x200000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r5, 0xc080661a, &(0x7f00000002c0)={{0x2, 0x0, @identifier="c91ac27e920ae1c886259b5827136b28"}})
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000000)={0x0, 0x9, 0x8, 0x80000000, 0x3f, 0x6})
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r8 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000426fd7000fedbdf994c3608b6691acd00fe8000000000000006000000000000bbf4ff04007f000090d21f7cfc3d3101"], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r7, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r8, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr="d63ecabba10bd504066be4f1171ff6ef"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x42001}, 0x9f65c3322ed3ebb8)
ioctl$KDFONTOP_COPY(r6, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f00000002c0)=ANY=[@ANYBLOB="6bb85c61c1cfc2095a2f14d7afc9362d81fd05d82b176f6a8c7241f80627b1803077e25cf3cb832583543668a6b77745"])
ioctl$TIOCSSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000000)={0x8, 0x0, 0x1ff, 0x748, 0x1ff, 0x7, 0x2, 0x401, 0x71e7, 0x8, 0x5, 0x6, 0x6, 0x1000, &(0x7f00000000c0)=""/237, 0x4, 0x8, 0x7})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000001c0)={0x0, 0x40000, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_GEM_OPEN(r4, 0xc010640b, &(0x7f0000000240)={<r5=>0x0, 0x0, 0xffffffff})
ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000280)={r5, 0x0, 0x1})

23:32:39 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xe961a0afc7f7e44f, 0x0)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000040), 0x4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r1, 0x540b, 0x2)

23:32:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
userfaultfd(0x400)

[  818.936242] kauditd_printk_skb: 8 callbacks suppressed
[  818.936263] audit: type=1804 audit(1578871960.057:2976): pid=15315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1291/bus" dev="sda1" ino=17641 res=1
23:32:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
alarm(0x1000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
flistxattr(r1, &(0x7f0000000000)=""/168, 0xa8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_CPUID2(r7, 0x5000aea5, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000015286bd1775f6d3eae95043ed595d375b65d6c5e469b1647ac0800000000000000f167b997e354a480ea0efbaf1a3641894d17b0968be1c5ff822c90e5f6aaa45a40e16b5e6e7a691010cf51e00544c397cd51271eb351df68414777d18dadc5e51262d89e71e2b7d2d7aab1235a1200"])

23:32:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fadvise64(r1, 0x5, 0x9, 0xf01127f75b5c045f)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff})
write$vhci(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="031f72e22f98b267c96005bf16a10336d154210eb7a425b201f9d486716a5c0a2f50685b2c505ea8508d5d164fae3c73a0c59653928bd233e66d9c0a00a85ed19d0d83fd2695e14c7010d07f06f0e03a28b10c803c41715f5cda5b528e9b3445b58a8f28af563c3a6fff52bf5ed6245cb67269dc0ef2dbf459a06fe8ac95ddb4cbff11dc823c3688fa0ca8551ce58daec7adc2bc9a7c946c78e53c88"], 0x9c)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$USBDEVFS_SETCONFIGURATION(r4, 0x80045505, &(0x7f0000000040)=0x8)

23:32:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x10001, 0x8, 0x150, 0x7, 0x9, "5ad557c0563f689c6d4d14865be44f79e08b09"})

23:32:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0xfffffffe, 0x1, 0x3, 0x0, 0x0})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8220, 0x0)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000040)=0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000080)={0x1, 0x9, 0x4, 0x2000000, 0x10000, {0x77359400}, {0x5, 0x1, 0x3, 0x8, 0x4, 0x0, "3022c47d"}, 0x5, 0x2, @userptr=0xfffffffffffffffe, 0x9, 0x0, <r3=>r1})
ioctl$PPPIOCGIDLE(r3, 0x8010743f, &(0x7f0000000100))

[  819.123798] audit: type=1800 audit(1578871960.107:2977): pid=15315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17641 res=0
23:32:40 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x0, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f0000000000)=@buf={0xe0, &(0x7f00000000c0)="40e3b9580f8e426f2c89b5c69597ce4aeb809cfbc9c3dde7c4ecf2b5106b9a0ff9e1078500011104908f549794e23f03fc81caad44d9951d3b71971c1aa773c7acd6d2f7dd3db04669b6160b10a7322ae4fded7b9ead0113fcf29d3c0b49a1caa9ea94dd78ff6b613b77399b914ef58c45595cb3dbf3c2181c76e8b4f02ca007f129970729138ab26b45b8718645f51438217aa77d8f31531565a7b1c1e8fe17886bb682816d12c9060241f60876e8a7a764ac36383b7fdcdc2fe2c079df73a34de5de00fb12ec722a470a8d8dc54768f6a6ea409be522904356b29621b9688d"})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

23:32:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x44000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x124, r2, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x20, 0x2, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_BEARER={0x68, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @rand_addr=0x2}}, {0x14, 0x2, @in={0x2, 0x4e21, @remote}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffff9}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_NET={0x44, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1ff}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x100}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_LINK={0x2c, 0x4, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_SOCK={0x18, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x24000080}, 0x4000800)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCGETX(r1, 0x5432, &(0x7f0000000000))
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:40 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="010000b8", @ANYRES32=<r3=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={r3}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={r3, 0x6}, &(0x7f0000000080)=0x8)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'gre0\x00', 0x200})
ioctl$KDFONTOP_COPY(r4, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x90, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)

23:32:40 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x10000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="000000008e0000206786a21f976b07b55e49903b510b7eb600df448e2f761a940870493cc7a3939ab245f9ddb0395a45464b6fda1575ac7954436dd903704c1d70d3c3ea266a1a4af5134e1da9098ab13b08cb2f8e2413dfbd91f74258f0ee58cbb265c03bd15016eb8c0514b1fb1b8e4b8dc2e80c112a63559e7370d78dd5f20eaa187740527a38c6e50daf2b43d10de26ce55a9b61a180bdeb7ed398aa73785fd4"])

[  819.632396] audit: type=1804 audit(1578871960.727:2978): pid=15366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1292/bus" dev="sda1" ino=17643 res=1
23:32:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r10, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r14}}, 0x20}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r17}}, 0x20}}, 0x0)
r18 = socket$nl_route(0x10, 0x3, 0x0)
r19 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r19, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r20}}, 0x20}}, 0x0)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r23=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r21, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r23}}, 0x20}}, 0x0)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r27, &(0x7f00000001c0)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r29 = socket$nl_route(0x10, 0x3, 0x0)
r30 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r30, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r29, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r31}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r32=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r33=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r35=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r36 = socket$nl_route(0x10, 0x3, 0x0)
r37 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, <r38=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r36, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r38}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r4, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r10}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r11}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r26}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r31}}}]}}, {{0x8, 0x1, r32}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r33}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r35}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r38}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x91, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000040)={0xe596, 0x6, 0x6})

[  819.754836] audit: type=1800 audit(1578871960.767:2979): pid=15366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17643 res=0
23:32:40 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x0, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f0000000040)=r1)
ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f0000000080))
ioctl$TCSETX(r1, 0x5433, &(0x7f0000000000)={0x8, 0x3, [0x9, 0x7fff, 0x8, 0x200, 0x6], 0x2})
ioctl$TCFLSH(r0, 0x540b, 0x1)

23:32:41 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x92, 0x0, 0x0, 0x0, 0x0, 0x0})

[  819.880590] protocol 88fb is buggy, dev hsr_slave_0
[  819.885768] protocol 88fb is buggy, dev hsr_slave_1
23:32:41 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x0)

23:32:41 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r3, 0xc0385720, &(0x7f0000000040)={0x1})
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000000)={0x4, 0x102, 0x2, {0xa095, 0x1, 0x0, 0x8001}})

23:32:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair(0x1d, 0x80000, 0x6, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, {0xd0, 0xf4, 0xc0, 0x1, 0x5, 0xff}, 0x7ff, 0x1f}, 0xe)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

[  820.083805] audit: type=1804 audit(1578871961.207:2980): pid=15423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1293/bus" dev="sda1" ino=17650 res=1
23:32:41 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x93, 0x0, 0x0, 0x0, 0x0, 0x0})

[  820.207460] audit: type=1800 audit(1578871961.257:2981): pid=15423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17650 res=0
23:32:41 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
finit_module(r2, &(0x7f0000000000)='//\x00', 0x2)

23:32:41 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x0, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  820.318405] can: request_module (can-proto-6) failed.
[  820.360603] protocol 88fb is buggy, dev hsr_slave_0
[  820.365743] protocol 88fb is buggy, dev hsr_slave_1
[  820.440586] protocol 88fb is buggy, dev hsr_slave_0
[  820.442544] can: request_module (can-proto-6) failed.
[  820.445941] protocol 88fb is buggy, dev hsr_slave_1
[  820.520613] protocol 88fb is buggy, dev hsr_slave_0
[  820.525774] protocol 88fb is buggy, dev hsr_slave_1
[  820.600577] protocol 88fb is buggy, dev hsr_slave_0
[  820.605067] audit: type=1804 audit(1578871961.727:2982): pid=15463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1294/bus" dev="sda1" ino=16887 res=1
[  820.605727] protocol 88fb is buggy, dev hsr_slave_1
[  820.653436] audit: type=1800 audit(1578871961.777:2983): pid=15463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16887 res=0
23:32:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f0000000000)=""/1)

23:32:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x8, 0x20004)
ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000280)={0x3b, 0x2})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x100000000, 0x220002)
ioctl$TCSETAF(r3, 0x5408, &(0x7f0000000100)={0xbb, 0x8, 0xd070, 0xffc1, 0x13, "c515f99dfd54fb93"})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r8, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000400)={{0x10000, 0x1, 0x8, 0x81, 0xd3, 0x7, 0xff, 0x7, 0x2, 0x1, 0x1, 0x5}, {0x4021f8e13a81f158, 0x6000, 0x0, 0x2, 0x0, 0x9, 0x5, 0x5, 0x81, 0xca, 0x5c}, {0x3000, 0x2000, 0xd, 0x6, 0x2, 0x5, 0x1f, 0x3, 0x7, 0xff, 0x6, 0x83}, {0x2004, 0x6000, 0x9d83a2bf2ff06750, 0xa6, 0x2d, 0x1, 0x18, 0x4, 0xfa, 0x5, 0xff, 0x4}, {0x4000, 0x3000, 0x6, 0x3, 0x7, 0x6, 0xff, 0xde, 0x0, 0x6, 0x0, 0x20}, {0x1, 0x4000, 0x12, 0xff, 0x80, 0x7, 0x5, 0x7, 0x2, 0x8a, 0x81, 0x3}, {0x6000, 0x0, 0xe, 0x81, 0x3f, 0xaa, 0x0, 0x0, 0x3, 0x9, 0x70, 0x5}, {0x6000, 0x3000, 0xe, 0x5, 0x7, 0x60, 0xfe, 0x3f, 0x2, 0x1, 0x4, 0xf7}, {0x970261fbb33925af, 0x6000}, {0x4, 0x5000}, 0x40004, 0x0, 0x4, 0x400, 0x1, 0x1100, 0x2000, [0x7fff, 0x8, 0x3]})
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f0000000140)=0xffffff12)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r9, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$PNPIPE_IFINDEX(r9, 0x113, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$TUNGETFILTER(r5, 0x801054db, &(0x7f00000002c0)=""/169)
r10 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$SG_SET_COMMAND_Q(r10, 0x2271, &(0x7f00000001c0)=0x1)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000e3ad0015"])

23:32:41 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x94, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:41 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat(r1, &(0x7f0000000000)='./file0\x00', 0x1a3000, 0x8)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYBLOB="7d13be14830826058523794336bba36e2710bb02e0fb17c640090dcf5e579efce97e0b90e74755b82d154d6a88068bdadcac8d49343c0bae1ea0b1bc30766b56386cb46661e744c7bd9dcf8103135c09e918ddbfdf05f97fb267ac23dc01c2f9b2bd4d76f2ccd2035092088a17f186a87d7541131ca4cb29a86a1d83dbe7107f940cf9faf4be44cabba266501273a2f4bc5c05c1ff94b6b4ce2c24e743f0491a17eab51d514a627e2b7fa91e96d6feddb7a413dd2ee874b5380000000000000000000000000026a82375dc5085ea81eeb96150134adbb6f5fc952e51af15e84032ce", @ANYRES32=<r6=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000040)={r6, @in={{0x2, 0x4e21, @empty}}, [0xea, 0xfa6b, 0x6, 0x0, 0x5d, 0x5, 0x9, 0x7fffffff, 0x33, 0x0, 0x2, 0x3ff, 0x0, 0x7, 0x2]}, &(0x7f0000000140)=0x100)
ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000180)={0x5, 0x7, 0x1000, 0xd16, 0x6})
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r8 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r9=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000000)={r9}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000200)={r9, 0x8, 0x80}, &(0x7f00000001c0)=0x8)
unshare(0x4010800)
r10 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
accept$alg(r10, 0x0, 0x0)

23:32:41 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, {0x8, 0x9, 0x4, 0x67, 0x7f, 0x56}, 0xff}, 0xa)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x0, 0x405, 0x0, 0x0, {0x7e}}, 0x14}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r6, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r12, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x110000}, 0xc, &(0x7f0000000080)={&(0x7f0000001600)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="000229bd7000fbdbdf250500000008000300", @ANYBLOB="da4fb51311d61bdd38f7436dbbec21d60709637eb2fe", @ANYPTR=&(0x7f0000001740)=ANY=[@ANYRESDEC=0x0, @ANYRESDEC=r0, @ANYRESDEC, @ANYBLOB="c79cf7d7e212cb23a1341bf2a1118184987d", @ANYPTR64=&(0x7f0000000240)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESDEC=r2, @ANYRES32=r3, @ANYRESDEC, @ANYPTR, @ANYRESDEC=r6], @ANYPTR=&(0x7f0000000400)=ANY=[@ANYBLOB="36c82b0f1262f36ae8c9caa5b98e939f6d7dd4c3a2d3757cb3a5729b969debc963dd9dae62179ece50491f55471b0665d886a690d39c65c469c30441f9423b83c3715b89c2757dfec96b03d0879b1459971c54b9780587a022fba53175c32830061378f28c61c810d4ef3b056e8ea79f4f47147445a7e18b43b3d44512edb94112ba06d0b8c461a846dcbc455ef108ed0b4334476563eabd207e307499125d41d1b679f696afb72cb446721a999062b6934be924021100f3569fa2bad0f63bb5893090075687e74ddce911", @ANYBLOB="24205020383aa281604b4ac2f6cafd22ac2d42c9209a902f522d1158b9dec4464e789a38559647f1904e1f445d2e8c298e4fee440e1fc91658da85c4fb595e76f6f4b3603b2a1332440e7ff50badd68abd693a04ef1dde59b61c30d7ba395706c6f14906f12b220141979a6555c2dbc99bfbb1d1d1714b44f168f6ae506a2dce02069e8a7a43a7d8b5fe5bbb9cb602bb1fe239a0bf04bde28022e82d93db637faaedffc4076cee1852eab7f04ed0fdbb382290b8c68c1af076440cc31bf5525b731a7d41bce6e4ad71733e10587dcdff7de3edabfeac5d3cfc33e0b3b7836ea0df3af1a84e0077c76359404e5e8105eeac14c52454df58bbabeec418937b3bcaf0673d94df5d912b52e846b74fd7650ed44e2ca9e8c6ba01cb20f6afa5c420ee774b8b0f939bc4588b35dc1eaf5ca6df22a4058c737732803c67f3bafdae30b60468dfd81170d3eae8d63b9005b71bc2f1423cdf1e639352ee2c764d657ff2eb5ba18d6fe8901bf3a29ef668d209c41acf6c658af438d23f8c71e998db7978c2ed1b44ab7529926c5cbee599e305f18c9a38ceca998ca69b429dc725605544965a8d5f0d6462d8335e34c85ac82a794e480eca9c7369848ce6a233d64695eb032111a83748992980b5df07110415378ede368bd8cb7f5b61ac3bdf42e0df19e1591400426477b1e5dd1f2f86e52d4797d0e54e6a9bda6240d838487b53cc0fad8efb5cd9999a873947eea2985da668f40c032143649821f3d399c402fdaec86dfce09260f04d2aa5beec9f26233fd77e30490104052a4b7b85407b4f3949ec0996b5efeeb17688337393069574cda46b6c8e9870df68f8bb37c5c04cae3ba640e342627419c0e4f49d39ee6d1863a29f199d6bae0978c06d20b4f6b047975012936aa4ba213b2a638dacb646c767a30711db5f52cb3e40eb47e182e0f2417ce8814d990af4adbeeba9c192d3d237e002ff95914f2b42bb8e4f8e0b829420313f409214bbc7956bc52381088998215e87fed2e279a894de1be8ac8d577b32e339947dc1051c7257106007f67cf9e29b39c493b5bf4722593208c54dc36248adf284cfaa55d689f3b42a8f29964c508848cf1eb32266b38afd7d53b2be8db002dc0e8944de294846936612a91d80caae4650ea8b910c4e8a26d99f9f57a992dfb6b922f14f057df1aed4c68edad03e38991d5bda44ce0932342137ab9a11b09895d2a92278cd71934ba37e7c0f2313497b8f0feb4b3bd4c1af1594e99331385219eaa5acff49cdd14ca3fdd2a60ced7673b698f6183153bc67ca8066b4f5f71ea86ff1b471c39e2828c1827188980e046e2bbe2cb76d88ffad17200ff853c5233ba48c0479e046355e2c46f7de8c583b01aca51d08f49ad4f8370d1ae30311e34ca2427d57a23b003ad9cd45715d6dbe7e7263475a91c30e9aad282d57d13d79f6c624a019211f55b767d02016eedb97f5004f6c1dbf5a16d9575e666f2c3854a9597856fcbc903340dd8564b7d3c43ee1129a62105d84aaf2ce46558afd9aac085b512cf008be33674608268584f02aaf9c078c8d2a68bdcae71c42e2a7e0ecc6957a3473de56427a22c3d009407aa4a498f4ed8711ef6567e5688079beec81465b216fdb996579809bb4ba0dd209b78262eca9b2299549578c1f4c0beff9f60c29a687a78fba8730fbd116db8199638a36076194dabb5a60ed81ce20c33e4ee7b08e334677517c9de6058d275bf5653dd90f3a0ef2a0b3561223f63e76dc6acf6b505f3e441ffd62a4ee54e14ba618f42702954896e226481c5bad37b3d95640cb0c6d3c0850aeb75c40fbff8eb240788b5773cb5cddaea5467252b4371f1bd888140b34b22a203a5b60e7ff908bbf527b3cf1fe909bab1cec6bdce0e9b6fed25fd39f7f82b4940af9c5c24e6d98d3709b1010731261f03c2d93cb88ce32e2ae7f465c63161d1de85a10b38e332f28bbe4489c9b276954c0ced4815db94356b32eddd216cf5783cb798e8501436c32d230e7b27c2a238c52203b0c649fb2bf70a4543caf2f1b431d1d1bf91c4a2792146803eb55b0c2eea868a76c278b1a2e353458802f066e06fdde6a91f2340cbaddf79bd96e1b39019231cf99bf60ad0f50e2860e84dbc3ed5753e5c9022ced4f2167616891920086c8e30ba249d9694f87e5dc7458e7bf0be8ca8ee34545b74881fef8c3dbc407fdc6d76b384fc5b2eee40590d05411923bdbeb3d51de0c7320c77ea51dffcf872257477644ea1073d76195f994943991d584e931dc3a4ea8357136a62e3142914f4232261c948be68e99953b2a32936819570c4daab9646628e3feec641bbe2df77446c07fe0c687d881333b44592b5baa3145338b5422f724694d90ed2f9b7a495112cf19839bef748d235cd7ba3a5d8bd35b46c09054c9625c7731e16717ede52b3a5ffea0fd36ed288f9d77c9abf33c106c38b0aca130bec62a21df911f6bd5eb665fe34fdfb65215ff677772d494b99c47ecdc6cc81730723d8c383819251b7a769ff0b9fc23fa78c7ef08f74c1930819af9e724e23cf3858f47704e14411ff96a99aea684949ff80f323f3b2c40a5e3cb649294452befc7f3409ec3f5c5e84dfee17cc7bb77428b18dee3611fcde9c7459b578f912868ff642a422a7760d9f2e097688f14a4e8007da4e23781f148ab822e26ab46cb5f1af00906860f420d5fca5f02e1d97f3eb0f809211745de6753d52ebf0f6b85da54be2539d5f4d677969c2214750b20ca833ced1070e430844316d41d861c6e600f9d34d0ea1c2b9ab86727ce8ec33778e1a2d395f88434d5403beeee31d026f2d2702b389f3300b30ae5ed956af0f7e3eda3fc38afe8a2374f7aec6126bc118982fcb2e3a19661e7dad853507b1e8887d5c7793b68535d43389570bc3be18f38627cb245b9b93ac299280621723e117228de0f7676bc1a3ffe63fc8ce3b33e729694e9a15a752dd3d7b26524f241547bd14d02c47a87e21c3c32c8e4a8b50a98aaec816f7562a596cdd3e7e530f8e0af4edbd8822ae98348a380c3dcae475c26e7f9417fa63f7eb71f16bb7dec5d34b064abc15d18194a1df99d1c3e0f54f947bc551509f09e6835aec91918cf8343e76f4d52ba7266ca5b61c7795c621d4092012a6b1f52013473b76a3368a96cab08f54bc86664523583a60611e132f4eb1a76ce07ef54257ca91b00bbceb4b8a9a8260eb58564fadd31f93e7142b8621461317e902cd42a32f4491e936ffc16309eacdfd46c1eff2135432098e4a44580e4ff07a8e0535539887e989410ba71cfb7c7fff37cf1acf64b2ed1d9b3c3a3fcd79c49bea195e19106a55e464b6b99065471fd0b5b76ef2eca1ac38fd2ec0a72c7b85e863ade9fa25c92db2381e1ccaf835f99f578bc8f932730c6ba0bc86dec663e954c26966b097cb33d2f6a6142e6543619397dabe7e4628384a94fc2174cfca3a44a8452dd02981bdb1ae4f98697845f9b387728bd88307b4a21a8aaf8ec424b99907c32d33fbc3bf83009710706410fa50da2a04449dff6e591deae75cbc5f8fe524f76a660954d0608f2bab2339b1280ef1e35328dcf7e49c0ca3a3a92fd664b478a793b7274ce1b52e74ed82c989d1f8e011104ae760b1d3b1a8b6b77403ce1b0be894999d99c6aef27a7dcbe6287d39ca165872b79c46c86c5e1e064a228f33892b0f15f01311c6743a3bb87ea7b98826e8a3819e18191bf6d087c22885123e1adf2d7d708a36d130bf07492478e3299ee8d3be3dbf202985f627004110011deae32f6512c5037e82d49d9df14454e0cc2e2b1ab08e0afc9121da0b47ce81fbb93f2d9babc15e9a99c9117931e49a669c40b34f93ecbe4bfc399041e4171e00baedace535504623051a08ba73a1e231cba65b51ce33cffd5de50cd2eee3b5024b4e21ffb69f6b1627e3be3253071b95b6a68c0c359336a441747b4f9f0f0288adfbd9e683c989762904e7d22024bb806baf14497d33b4778b4058f6a2dc3093ee102457766e03e85e58636736c8c04481411becd40e0ad4c211c92f734318ec2f0c7e13046797f3b3b7e8a888ab0de789c8d8e22593fa35f1fa5b81cb9680cc45698bd2c62ff1501bc84381bcf682590ffac130c1a293b51b8507159914e3712ec44c7c46173861352d13228cb11f38ecf5a29427ffe29ebabd146b07b5e03efa2a474b8506626fb34ac23f5267af47b318321a4d580a4bb96a603df4b7cd0e04764ae908b19ee65a18f48887edb6659c73e6df5841cbe6ef8be8df1e6d06a4ab3266f32cf206c6937213621640874cdd09bc6827fee9f00259688e0c9d4bb3eae476a59df344d4e3d9ede38598b299fb29d46cee387ba3f0d883ac06d9bdb34388d3000d2cb6c51e9bc0bd07ad3d0acdf254b246e4b721d345a52fc6c6bde53beba71541a46e9a007d4502d0ab520acf72354b0ae903a4a76761187eed6f769f2d80002f074918aadf8d251bad8f60dd65b4733377f3b2f8c27fb7958b018e4194946eda9851863f8950fd4e065ebd977746f4088cefa4cf43235d451be49863ec0ba2a739b656d8f6658302c13e0727adabd553ae2259403b1cfac46495ba16d085a2a474293b0ac0b384a6e7d16be6e824889838eb14dc812935a8890b9158cbd8f9a45bb04ecb7d19ea13735dd2d2d65d177127fe97e87d7d5b30a83c307c0aa56839768973b923c29a72a6f3d804ae240a924c3f411e741bc20aa3a97d87981f09bd246b70be0983075df91b8959aedaa143dd2a14ba1b6eafa0ccbf8848eff21b41a1faef059187f826d25c748bc7f7ecb87858a00e8bbcd401e333f006a958c904946f3ca98f39813d2a6dcb25a366fd33e38ed468f3d630014c417d70f1bd3ad14760520b6c39b68055df92cf5d81686ce56d23a7f8a8c44056e27dba059a4b5ba070936ca7fbabf842f36e614cce3136a16fb85124883119838d8370a37061f554fe3e2183ccd9e156cda5b4d8115755383934c001e64ca99a59003023547a9fd09a2041efa3a5f6c7b1e8970b6ff0f986fa6b0bdfe8219003b247fd2a11e22dd397b1e2babcdfb2dfefff48be14f2b033c232de2951b7524fa5085e5f873ccc2132996a030c93afb11945e16e77675b891b4afca6d8a17454adc6cbc0a207934a93bd86cd7d84e028099c8205581a0a3ba20d386e1f848562964758f27d85e00d5d3c89ec6f427cc47d2f29db0646f1703850052d3b406afaedb153f8b37429faa89d6029b0dddd3e470f6fd5b3f41f886933a7b08c007d3e3b1b7e7672d31cdb7f7d90ecfb897f9261b1ffff40a5346f4527faddc06a9967c9829bf14cfd488fca0a87de5993dea8f46ae93526a3e9f917e700913b6254f2d50f4a5936fbefa6ce78ce110f2442f847e08777176cf77f855963654ce8b1db5025d4a2be173abfedc3516162fae2ce1ad9f598ff7580503cd7ed0fa581345899f6dfde50c976e97eccf381be08af23bb8be082d81f65b7461f1a8348b51cab526211ca681bc30bc7e6c80690fc14c237709d18d8132f91e28c3b0428be3d2c688597377d918093af6b210b08922b894a9ae58d0d0fd22f5e7ba0a5be69e6263204c738e4c37b5cf0f66988348939767447603e99f751441f52b8dec951aa8cb69fff51e105a60a677ec52fa8a2e2d9b2c6d366633b4b657b8df94db10d6ca392785b58b8554993abfea7345efd950732ef3602ee80d0d75422fe5e0e5ae01016755c966ff7fb4a5b13434a57bbb82485a46ccbc1a3d15cda667176e54f8b257601f611c2731d7812e2016f11453bb54", @ANYRESOCT=0x0, @ANYRESOCT=r9], @ANYPTR=&(0x7f00000016c0)=ANY=[@ANYRESOCT=0x0, @ANYRESHEX, @ANYPTR64, @ANYRESDEC, @ANYRESOCT=r0, @ANYRES16, @ANYRES32, @ANYPTR64=&(0x7f0000001680)=ANY=[@ANYPTR64=&(0x7f0000001640)=ANY=[@ANYRES16=r12, @ANYRES16=r13, @ANYPTR, @ANYRESOCT=r14, @ANYRESHEX=r15, @ANYPTR]]], @ANYRES32, @ANYRES32=r8, @ANYRESHEX]], 0x5}, 0x1, 0x0, 0x0, 0xc040040}, 0x4000000)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000100)={0x3, [0x0, 0x0, 0x0]})
r16 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r17 = openat$null(0xffffffffffffff9c, &(0x7f00000015c0)='/dev/null\x00', 0x2000, 0x0)
ioctl$KVM_NMI(r17, 0xae9a)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000340)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$TCFLSH(r16, 0x540b, 0x2)

23:32:41 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:42 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x95, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:42 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x8000, 0x10, 0xfffffffd, 0x0})

23:32:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fcntl$getown(r0, 0x9)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000240)=ANY=[@ANYBLOB="ff9ac0f500dc00ee95bf00000000000067b849454d1219366362b05f7958351930b1d9c6a8549f97d0ad5015f5b00681c9e8c47f0767615dc3db254297b5fa2cd3e5d99221309244f2ed5cefa6d42d49238968c29f03ac357081741c58f3ec00000000b273193a8cba127518efc91da5dfbaa061c2ba44eb45c840b6affef101897f74a218a636648ed7f10300356743f4a9f36a3253de0a78cf7131f2e9571184e06b711e5c978df6835f5edd4b7b77994aece79a95e748a1df1bda5ea2f0dc19be43580e29fa6b88db797c2be8ff3af4dd427748e59cde2f16fb593ad4350fa788b69eafd6c2ebefd3a4f3f959541083291fc84e0f9d449eabf8bec6c18f503a3e1abd65bfae2067ed0000"])

23:32:42 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000040)={'ip6_vti0\x00', {0x2, 0x4e20, @loopback}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x537a5037977fd7fb, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000000)={0x666666666666677})

23:32:42 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x96, 0x0, 0x0, 0x0, 0x0, 0x0})

[  821.088601] audit: type=1804 audit(1578871962.187:2984): pid=15492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1295/bus" dev="sda1" ino=17655 res=1
23:32:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="23162261953d56ca1a1f3a731ec4574a9e3418f11d3ef3a845cf99d242b7de33aa85e69756912a5a18cbb6bdd9e6cf0464a113ea1ba103de6552eb6347edde1e72c9999a2fc3711a53ebf87fb7556de802d949b25c90d6880fde", 0x5a)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001580)={{{@in=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000001680)=0xe8)
syz_mount_image$erofs(&(0x7f00000001c0)='erofs\x00', &(0x7f0000000200)='./file0\x00', 0x3f, 0x6, &(0x7f00000014c0)=[{&(0x7f0000000240)="d29078b2d148f31bc49d0229d8a32d78bbea65555539f51d744bb824e1bc266d8afe01016ed0c2d1d8481315f1820358faadd26f17bb602c63a64454fea037993abe497ce8b39ead212cb65eab3513cadccb79f3ec20bb90b760ee58babad1133457986357fb6db96181f5339b058b6da8afd0c517f39ed4b563b9c1dc02c27fa94304656623ec503051c8d6310e23d50abc82c807d19847840caa52654691ebd1f1b59f471665aa7243f00feb46ac7d7d19", 0xb2, 0x3}, {&(0x7f0000000300)="2cf23e4eafe8b3ffc165a29df7a42fc81aa7d64f4adf470a51da804d630617094c", 0x21, 0x101}, {&(0x7f0000000340)="ab00e525d19ef4db26f75c4c09e65ae768e9202c31a6aa6e184d9db0c36fb2695a6347e44c3d34357abd7835ef85a8908fca3a83fa87", 0x36, 0x90}, {&(0x7f0000000380)="06be72ddaf5c6c7c088fb1c8be7acbc3ff6de957622a3de907cc300fdc53452cb842b163382edb62bffdb109021f18b9877268", 0x33, 0x8000}, {&(0x7f00000003c0)="aa474551e0a0fb86f5a3882062487b", 0xf, 0x200}, {&(0x7f0000001440)="3d08c66b810fb98ac7ccdb3f530682b3bc6cc866dab34da62fe3d321dee31ab8ba5a94f26a93d49a48db5ceb456115222cbb5da76e3f8fbb10ab0b0b64d3639e6103df8a340d4edfeef24d17eb97703509d3cd08c349cf7809017eb57f3e886dfc08d1dc04c27753284499f6b4226e2b8278e0a3e795", 0x76, 0xc831}], 0x100000, &(0x7f00000016c0)=ANY=[@ANYBLOB='fault_injection=0x0000000000000400,fault_injection=0x0000000000000000,acl,nouser_xattr,fault_injection=0x0000000000000003,user_xattr,euid<', @ANYRESDEC=r1, @ANYBLOB='\x00\x00'])
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000001780)='./file0\x00', 0x90340d8b0a0bc305, 0x101)
inotify_init()
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000001840))
r4 = gettid()
ptrace$setopts(0x4206, r4, 0x0, 0x0)
tkill(r4, 0x20)
fcntl$setownex(r3, 0xf, &(0x7f00000017c0)={0x3, r4})
getsockopt$netlink(r2, 0x10e, 0x7, &(0x7f0000000440)=""/4096, &(0x7f0000000180)=0x1000)
ioctl$SIOCRSSCAUSE(r2, 0x89e1, &(0x7f0000000140)=0x3)
r5 = epoll_create1(0x0)
r6 = epoll_create1(0x0)
close(r5)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000c85000))
readv(r5, &(0x7f0000266000)=[{&(0x7f000032cf93)=""/109, 0x6d}], 0x1)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r0, &(0x7f0000001800)={0x10000001})
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)={0x0, 0xff, 0x9, &(0x7f0000000080)=0x3})

[  821.265514] audit: type=1800 audit(1578871962.217:2985): pid=15492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17655 res=0
23:32:42 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000140)=ANY=[@ANYBLOB="823b9712e3de000024b59c35f949d603e7a803d186a50bf6e8a8a3f289a67b7c8eb543bd9174c5481e01dff282ba3f33806d96a0b7bfd8a1943b6be5c632010aa52415a5967d2e3714057d9ece3745f3eb5c48e46b07d34c3b5180d6a471a5b490b2adc15a2fe99d3b9e2811a75d0d413260cfb38a0b3f4500b6b5603d20d3de2525424bdd4ec972c06c670fdb0000000000000000"])

23:32:42 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x97, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r10, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x1000}]})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000180)=ANY=[@ANYRESOCT=r10])

23:32:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0x106)
read$snddsp(r1, &(0x7f0000000040)=""/13, 0xd)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:42 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x6, 0x5d, 0x0})
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x40, 0xffffffff, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCFLSH(r1, 0x540b, 0x3)

23:32:42 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x98, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="000000cd02bb4100000000009f8a155fa85d66427565e1d9ad39dbff27fb0e2b7b0cf36e0adc5964dfd5"])

23:32:42 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x3, 0x501000)
recvfrom$llc(r1, &(0x7f0000000140)=""/72, 0x48, 0x40000321, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00')
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f000001d0c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00e900", @ANYRES16=r2, @ANYBLOB="090700000000000000001fffffff0c009900ffffffff030000400c00990000800200030000000c009900ff030000000000000c00990004000000000000000800010002000000"], 0x4c}}, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0xa000, 0x0)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f00000001c0)={0x9, &(0x7f0000000040)=[{0xfeff, 0x1}, {0x4, 0x7}, {0x1, 0x7fff}, {0x400, 0x5}, {0xffff, 0x1f}, {0xd5fa, 0x7}, {0x0, 0x803}, {0x6, 0x404}, {0x3, 0x4}]})
ioctl$TCFLSH(r0, 0x540b, 0x2)

23:32:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VT_RELDISP(r1, 0x5605)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
openat(r2, &(0x7f0000000100)='./file0\x00', 0x185380, 0x4)
r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x84000)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r3, 0x28, &(0x7f0000000080)}, 0x10)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:43 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:43 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x99, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:43 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b0100"/30])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f0000000180)={{{0xc}}, 0x7d, 0x9b, &(0x7f0000000100)="ffd59d17e1d3aa89936035b8b4904d1a1cb6b10eaafde389120c9b7d2434818736f2541a553440082ca007909a04484ce416ac01fe5ef9c5c8b8b16c5be61d2bfda03937f16011bc7a5e77c7ddbfb481e4f96b8ec0c67f064f4d8e58c270fb3c87c61966997d18e1cf5ec0715cb95109ef1aaffbfb0d659828c481f31a"})

23:32:43 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x73, 0x0, &(0x7f000095dffc))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x3, 0xfff, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0)
r3 = gettid()
ptrace$setopts(0x4206, r3, 0x0, 0x0)
tkill(r3, 0x20)
rt_tgsigqueueinfo(r3, 0x0, 0xf, &(0x7f0000000000)={0x1b, 0x4, 0x3f})

23:32:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
connect$l2tp(r2, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080))

23:32:43 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x2, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:43 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x0, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000000)=0x3124fd29)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000040)={0x0, 0x0, {0x8, 0x9, 0x1002, 0x2, 0x1, 0x3, 0x0, 0x3}})
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0xbbe8347e385965d8, 0x0)
ioctl$EVIOCSABS0(r2, 0x401845c0, &(0x7f0000000100)={0x3, 0x200, 0x0, 0x80000001, 0x2c1, 0x1})

23:32:43 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:43 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x5)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_PCM_IOCTL_INFO(r2, 0x81204101, &(0x7f00000000c0))
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080)={0x6666666666666ea})

23:32:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0})

23:32:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000080))

23:32:44 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:44 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x0, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="b884542de2abc76c"])

23:32:44 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b0100"/30])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f0000000180)={{{0xc}}, 0x7d, 0x9b, &(0x7f0000000100)="ffd59d17e1d3aa89936035b8b4904d1a1cb6b10eaafde389120c9b7d2434818736f2541a553440082ca007909a04484ce416ac01fe5ef9c5c8b8b16c5be61d2bfda03937f16011bc7a5e77c7ddbfb481e4f96b8ec0c67f064f4d8e58c270fb3c87c61966997d18e1cf5ec0715cb95109ef1aaffbfb0d659828c481f31a"})

23:32:44 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:44 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0xc0100, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = accept$ax25(r3, &(0x7f0000000000)={{0x3, @null}, [@default, @bcast, @default, @default, @default, @null, @default]}, &(0x7f0000000140)=0x216)
connect$ax25(r4, &(0x7f00000000c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
r5 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r5}}]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xfffffffffffffd89)
getgroups(0x3, &(0x7f0000000140)=[r6, 0xee00, 0xee01])
r7 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r7}}]})
write$P9_RSTATu(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6a0000007d020000004b000300000001007f0000000008000000000000000000000007000000a100000000000000010000000a002f646576787afcbe2836c77c2f7a6506d7752c000e005c76626f786e657430707070315b00000a002f64", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7], 0x6a)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r8, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOC_PR_CLEAR(r2, 0x401070cd, &(0x7f0000000080)={0x4})

23:32:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x4)
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000140081f87059ae08060c04000202eb10400103fe054e7d06a6bd7c493872f750375ed08a562ad6e74703c48f93b82a0200000046314461e606000000ffffff0201c50b182bbe936e", 0x4c}], 0x1}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$NBD_SET_TIMEOUT(r2, 0xab09, 0x10000)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000379cce392f8cf8e19861000000"])
ioctl$EXT4_IOC_MIGRATE(r2, 0x6609)

23:32:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080)={0x199})

[  823.324568] FAT-fs (loop4): Unrecognized mount option "fsuuid=50Þ" or missing value
23:32:44 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x9f, 0x0, 0x0, 0x0, 0x0, 0x0})

[  823.416998] FAT-fs (loop4): Unrecognized mount option "fsuuid=50Þ" or missing value
23:32:44 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x0, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:44 executing program 4:
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x4, 0x1c, 0x10, 0x7, 0x0})

23:32:44 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b0100"/30])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f0000000180)={{{0xc}}, 0x7d, 0x9b, &(0x7f0000000100)="ffd59d17e1d3aa89936035b8b4904d1a1cb6b10eaafde389120c9b7d2434818736f2541a553440082ca007909a04484ce416ac01fe5ef9c5c8b8b16c5be61d2bfda03937f16011bc7a5e77c7ddbfb481e4f96b8ec0c67f064f4d8e58c270fb3c87c61966997d18e1cf5ec0715cb95109ef1aaffbfb0d659828c481f31a"})

23:32:44 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000040)={0x3, 0x100})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000400)=ANY=[@ANYBLOB="00150000000000008af00f8d31c961127bb067a27aba4438a82df9abb10b5ebf87f2dfca71daec3cefa05b988536cba44a1bf1371653eb4b337ac30cb27616bbb2f60c3185a422da444c7cb2ad7b7407e316ebae20f684a5e5d396919ad5c28e3c69bc1c903141172e4d29cb01dd19a544d0c90bbc4d69d05b4ac95fcd69afc720e6a716d57b6c713f0f7bf2ca96c52ffd02f5dd5da33427b2b270ec30535722fc038fa3fd4bc2a73358340330bc681ea2e4f6eb2dc96fe119482637e227176acb692ab2029f29cb17ae"])
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000000c0)={0x0, 0x2, 0x4, {0x7, @pix_mp={0x5e7fd049, 0x5, 0x3132564e, 0xe4174308fe49f84d, 0x7, [{0x9, 0x101}, {0x965, 0x9}, {0x8, 0xe300}, {0x9, 0x10000}, {0x1, 0xb}, {0x5, 0x4}, {0x81, 0x4}, {0x8000, 0x7ff}], 0x3, 0x7f, 0xa, 0x2, 0x5}}, 0x2010000})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_G_CTRL(r4, 0xc008561b, &(0x7f0000000000)={0xffff, 0x9cb})
socket$inet6_udp(0xa, 0x2, 0x0)

23:32:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f00000000c0)={0x6, 0x0, [{0x7, 0x7fff, 0x1, 0xcb66, 0x9, 0x8}, {0x80000008, 0x200, 0x1, 0x6d, 0x101, 0x1, 0x1}, {0x2, 0x842b, 0x7, 0x2, 0x926, 0x8, 0x2}, {0x80000001, 0x8, 0x1, 0x9, 0x40, 0x3, 0x994}, {0x80000019, 0x0, 0x1, 0x7ff, 0x6, 0x7fff, 0x4}, {0xc0000001, 0xef6f, 0x0, 0x8001, 0x2, 0x4}]})

23:32:44 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0xfffffffe, 0x0, 0xfffffffc, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000080)={<r2=>0x0, 0x20, &(0x7f0000000040)=[@in={0x2, 0x4e23, @rand_addr=0x74}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x29}}]}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000100)={r2, 0x699}, 0x1bcd826b051ffb9f)

23:32:45 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b0100"/30])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f0000000180)={{{0xc}}, 0x7d, 0x9b, &(0x7f0000000100)="ffd59d17e1d3aa89936035b8b4904d1a1cb6b10eaafde389120c9b7d2434818736f2541a553440082ca007909a04484ce416ac01fe5ef9c5c8b8b16c5be61d2bfda03937f16011bc7a5e77c7ddbfb481e4f96b8ec0c67f064f4d8e58c270fb3c87c61966997d18e1cf5ec0715cb95109ef1aaffbfb0d659828c481f31a"})

23:32:45 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:45 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000216bab769964a0cca0bb91a14ddcc107912596ba35feb78d21e8a4f1f16c4df5b11a3385b220fb1c9deebb1a19dd6c0c530e58db61a5f930354bc255bd1819ebd8bb93a6adc03afc37ed7ea44d2172d7881dd313"])

23:32:45 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b0100"/30])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="0000009252a9f300878f5763bfdf5811737951a605c4a999c2554bdd4cc0295f6fd5dfbe715c3df88878443f78a9a6f88780ec89b125c29c41690c3fc01978993c519d70a6cc4179db1b384c6523e737ebceb53e1d61f494946149aea7671a797a1d0dae28d4868caac31580af9fcf3c32f26bfb9e8f9eccd02c4deb0512c6188f13fed30b8dab11d8e0592a84d0aecd4b5886f52b7a863ea8af64c1fdf0f223a58ec121353fd861c408f3c9f5911129034108627f625786615a90879b8d3c561a0d05d6b1438b0004500c8a83543dc31f5a07d9b8314957e7b89fcc2e51ec24d6cba53e0bf0468a550c0af4ac8d2597861b17f86de34a6a7fbf64d61cd496e0b1593c2aed51b755ee601d0262758f706a6bd5d8a134f1b9cd09a612c8a73dcb6251ab1a866fb181d0263a83c62bbcc2d83d415aa524ff009ba3925b6b4316d449fde77657fedff31da44a0987266d1aff8322"])

23:32:45 executing program 4:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r2, @ANYBLOB="01000000000000000000110000001c00090003000200ff7f00000800010000000071080001003f000000fc0004002400070008000100030000000800020004000000080001000600000008000100002c0007000800030002000000080004000200000008000200060000000800fe0000000c00070008000400090000001300010062726f6164636173742d6c696e6b00001300010062726f6164636173742d6c696e6b00003400078b0b2f409b024a299c5606f2e615090008001d000400000008000100110000000800040020000000080003000000008008000400534c0000050003004ce70000140007000800020000040000080001000a0000002c00070008000200060000fb070002000100000008000100200000000800030004000000080001001100"/309], 0x12c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r2, @ANYBLOB="00102a7000fcdbdf2514000000b00001000d0001007564703a73797a32000000000d0001007564703a73797a32000000002400020008000300ff0f000008000200030000000800043ae44b1a0008000400070c89d61d200c88b70001001600000044000400200001000a004e230000000900000000000000000000000000000001f3890000200002000a004e23fffffffd04a09db71a37fa7138436a2da95f0f860500100008000300f02600ff070001007564703a73797a31000000000091d118861e80644c775ed049f5902949e16daac325c63ff1ed13bd5ea6359bb09c6214cecb4dc08f4bf4d6a1acb6644746f047f7ec2b1bcc0be09da59119fac435be0231e4f15cc7d9c36aa44baa616a42e2f77efba426c876"], 0xc4}, 0x1, 0x0, 0x0, 0x100}, 0x4000)

23:32:45 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = gettid()
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x20)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getpeername$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, &(0x7f00000001c0)=0x1c)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r3, &(0x7f0000000140)={r4, 0xffffffffffffffff, 0x5})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x5000aea5, &(0x7f0000000080))
r9 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0xa7, &(0x7f0000000000)=0x1020, 0x4)

[  824.364103] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  824.399494] kauditd_printk_skb: 12 callbacks suppressed
23:32:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_S390_INTERRUPT_CPU(r5, 0x4010ae94, &(0x7f0000000000)={0x4, 0x6, 0x200})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:45 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa4, 0x0, 0x0, 0x0, 0x0, 0x0})

[  824.399515] audit: type=1804 audit(1578871965.517:2998): pid=15783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1301/bus" dev="sda1" ino=16689 res=1
[  824.431107] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
23:32:45 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:45 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  824.560550] audit: type=1800 audit(1578871965.577:2999): pid=15783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16689 res=0
23:32:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00!>\x00\x00\x00'])

23:32:45 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa5, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="0600000000000000"])

[  824.847225] audit: type=1804 audit(1578871965.967:3000): pid=15828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1302/bus" dev="sda1" ino=17662 res=1
23:32:46 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x7ebe81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:46 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa6, 0x0, 0x0, 0x0, 0x0, 0x0})

[  824.936644] audit: type=1800 audit(1578871966.017:3001): pid=15828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17662 res=0
23:32:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r3, 0xc05c5340, &(0x7f0000000000)={0xffffca9a, 0x100, 0x5, {0x7ff, 0x9}, 0x7, 0x3})

23:32:46 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000000240)={{0x1, 0x3}, 'port0\x00', 0xce, 0x20, 0x0, 0x976, 0xffffff00, 0x800, 0xfffffffb, 0x0, 0x4, 0x80})
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, &(0x7f00000000c0)={0x0, 0x3, 0x101, 0x9, 0x7fb, 0xfffffffffffffffb, 0x4bcc, 0x7, 0x4b9b562, 0x1, 0x4, 0x1})

23:32:46 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:46 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:46 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa8, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r3 = accept(r2, &(0x7f0000000000)=@phonet, &(0x7f00000000c0)=0x80)
bind$x25(r3, &(0x7f0000000100)={0x9, @remote={[], 0x0}}, 0x12)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000080))

23:32:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000040)=ANY=[@ANYBLOB="0000b2ff000000004a543547264d001000000001040000d093576b1c59"])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x101000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$TUNGETFEATURES(r5, 0x800454cf, &(0x7f0000001480))
r6 = dup2(r4, 0xffffffffffffffff)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
bind$bt_l2cap(r7, &(0x7f0000001500)={0x1f, 0x6, {0x6, 0x7, 0x1, 0x6, 0x81, 0xfd}, 0x800, 0x9}, 0xe)
ioctl$TCSETAF(r6, 0x5408, &(0x7f0000000000)={0xbc00, 0x8, 0x7, 0x3, 0x12, "a03e13cab620b6cd"})
r8 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r9, 0x8982, &(0x7f00000014c0)={0x6, 'team_slave_0\x00', {0x3}, 0x7})
r10 = syz_open_dev$audion(&(0x7f0000001540)='/dev/audio#\x00', 0x3, 0x400)
getsockopt$inet_IP_IPSEC_POLICY(r10, 0x0, 0x10, &(0x7f00000012c0)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6}, 0x0, @in6=@local}}, &(0x7f00000013c0)=0x1a4)
r12 = getuid()
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x646b, 0x4, &(0x7f0000002ac0)=[{&(0x7f0000000240), 0x0, 0x8000}, {&(0x7f0000000300)="c7722a8f4140588259ca30605d849fad7da2f71783369f9e04dbd079471fddeb3f57b740a0fe2bea8b9133ee03dc54628da983d8d9397598cdd6b0fa837a06871173a870f40a2ae40d9929eef3482195bf3914c67d2c12abf83150b4524157a2eef77ce5c5d93ad6764f76c39521b1d4080148", 0x73, 0x6}, {0x0, 0x0, 0xffff}, {&(0x7f0000000880)}], 0x2000080, &(0x7f0000002b80)={[{@nodots='nodots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@fat=@nfs='nfs'}, {@fat=@sys_immutable='sys_immutable'}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x30, 0xde, 0x0, 0x32, 0x65, 0x0, 0x66], 0x2d, [0x31, 0x33, 0x68, 0x64], 0x2d, [0xf91d1c00e4de5845, 0x0, 0x61, 0x37], 0x2d, [0x64, 0x0, 0x38, 0x38], 0x2d, [0x31, 0x39, 0x36, 0x0, 0x66, 0x66, 0x62, 0x6]}}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r12}}]})
syz_mount_image$iso9660(&(0x7f0000000080)='iso9660\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4, &(0x7f0000001240)=[{&(0x7f0000000100)="99f1ee00a73be21f79c71ec6aa38ea2db02663e9741d6cae838bd8646e8a245a271ce5469562529443e937b5a416e0c1f0f6e8b8e27ee97449", 0x39, 0x40}, {&(0x7f0000000240)="447961bf7dc41364d1a5e7500b41fea1cbcaac5a23ddc343ba5161f11ae58541f1b7ea77daf1895a3ff7bd68e587107a1adc33d53107578c7ff3c394999a2b47e9385149cc12fb875ea7b59267b154d3c500b63a58e4792c7513b141bdea15135b616e9d23f5116d510c4855a90d95602057210caa65fb376efc9428a1afff11b41b931c9acf5b925c910a2e54a51cfd3dbd2a9331e53fee279d6452ce7003f72efff112239b05ccac0570c755d0be3991f34fa72edce700d4f5b86d4906e16fc26002f0afb7d9879cf5fbfb7c5fbd8329692a848865a261a91602521702aabbeeec062360e062afb3f4fa4eb5e750b62cd3780fb8904ca1ba3d947e34f93ed31930e01aa861000030ff53798feeff3cbd1608e7b98fe588a97ec374c550682fea0aa4c232b853d5bfbbad98d01fb4687e910334e63bb87ab882cee7c05e0e867fb17c6d2c35f73cc53340ba4fde8167ad26a097ccd20acfea412119490bbf048f12785c607800862c5b27322a69b4f2b40e89c7bf1930b8d5c25ce9d11538a155bfa87d57061589da1c990ad8ecfca9ab1cf9f889ea7047aa15c31677ce92a01da4b74edbb690a53abc4433080d24593097cb195c98d4ec88836ae771e830bc6bdf7dbc931a79ce7553989123c8ec544f4be35c91da90c627db09c5b19c168af79e0e968547aff696f13d4f715c32769477c4e005ccb2269ca5e379c2e99bbf8b1eb56a513a6fb25f74f9c2864620c1c410852b146c4294f4e06b2ab328dfee3c6452eb063256034f53b6ada27576cb195f271070b5442c3a2e46d1f3f83b99ae13f456c82924f02f5c98aea9b155f63e613066e17562113573e8d197aadcc6e10ee61d5bdf36dc75d1922c5a48ac8acf3b6d9c3923bbbad88e4c4217afaaa6a99f8664b8487370b0922a4170e190537d8995d985af92957d9eb132a40433e6e2fd65c50a8472ceef60a82ac7cca157a1d3df103254e206b8ebfd011e1e217fbb9f35ee0f6e0526f9d1d814f4074851148cec28228f51e7ca097c394023d9a170e2677d2bec6dec5832095d6acd9a53482132407cc436d794fa440cbf74536076858ae77c0a985e2c0c6c394a80222cb3dac6e447393b44a817e242c867b5e221c70035e3edf4de89f0dbe88a70ac095867e8db50a993001a51a6ceaf4d3165b8208387f1d365f721357cfbb943af676d2622ace615cbdf2dc4dbcda7e7846f261f7cd9c7e276921188ed77c096e799ddeaf59fac4167df5a3846587dc378979473fd9f548df97b7685271d61cc182937add36c9f71c32cf37e7aeba07e671005faf6c10f7cec58c8bd580011266ce10d8294329815535c101179f13586d030691a2f3f8833db0e62e01e286ad310d58e4567f5084027dae855bbaa292da99d11bc09442e38182c03631354253dcd85bd6adaf1689b3417021b48812bfc6eb7f800700df70d6a7093d82e4c1ae3ce83f8419fe67f51f620e296f4de217a3d8d0c30975affc007b09740a9060ab5bc042e0423920f73b41bb993b58d84a1fba3a866fd6d2300a02af158a0172ae2c3c6dd7c018853a3fa019c04ae3fe455033a86239174e756c82a5326866113c8a8497fac4a914609766b727db3a0a0a08423fd2fd5fcd10245b73211e6e9cef48e91f6bb846e5599ba33a9bc571a159c66c63c2b039b95c361f2888b2c239cf675a6713560d837718e22ccb08fefabedec4deff3a0f012cef2c92ea23dd43ae2119f6cd6b6696244edb49caf2236d71579ba7414a9203e7cb0d76d13972c8bba802727a6968ef3c1cd95cab496b8585924af82232fe575da6a2477aa460f4dcd54108bd710a362d914235c91d94c6b3b6389232d30af558578f0f2baaae9e569cc511af958bae951a7d2b9147aea2ae4572de796824f7f7d600d4ec3f0205b1ff443c4daa77a3159d7342535655f8c7d42394c67647e92ec02270e083df8bf0782b6154c08d8ad229a714136684fc9c9abca1080e12e7e3ae8005b4e653e114da9dc8be50b25a565026008d9df9536ff5946b27a437541ba91db6926b8115ec504d3ed5fd8eab160a38fb66359d40b21659bc5ee0f28baad049faab9284f869387c937e4924c3279ad4c0175fabb97b279a51269750bf75cbf643ac4cc8402f03eb0684781499101a8a355e8ff37abf3ca86211d68a50be019955322b5a7dec53a31311755c8fbc9377a35f19b7c961dfdbd2abb1699d63de876037ab944207c11f1cf8a2239ef7c606045ad64d4178e07dd0d243e87f2017daa36cc689f27f7691497c287eaeab494622996441c1dc9d7ed4435e79e879cc96a0d53827f435a013b7bec4de4d0890ce5bd02e65e73fc958fe7ada60798b5d232b2eb3c730586ced9ce3412f1a23356a29311dbeadf0cf0514388522e26468ff4b9a8f10977fac536c3b30296193cbb2ddf17659d6661008bf77ed3bf40798bf7b53dc56c9db36be548107f55323118761d5e5ac9f00ab784f90ce0644f7730e05de75ec8af25446f6197d7caa4b18f692191dee22068b67bdc6be3170df3f3312f820c9c2e209a3cbb82f69f179902e546e2126195ca122925d1086796ed92651c73c5d65ea7bc6a94e02479ddc4f1852526b091599937850678aa60b5a053cd73ddd9f08e98b52e83a3b23248bf97485fcd85c1f94ca6ec38c7a8fdc454d80c0c70a691e972da62c454d84a789cbf25fce6a0eebba6e42468ab9ba3694879ffa068ecccc8404eb0884067905940888b462cd566575cb4b56f5183926e0341a4658431360ad450b52ceb038487fd7bb42a1e087d86ba34129e273295821c63c9361d1025a5e81815d7ff5781e1dbeacc2d1e8c8f36487e7b652a3ffe8f1b3173c4839d6b169ae7426a043286c952d839ba3c7d95c8096cf6e9a40c1985358cf990d9a23da7253ba3dab4559577b082aa95885717bd93bc602acaabb04d1b39ad9f6f3298f41c944a0eb81e3ae1433a94da172e5c89d74dcfd30aeb1cd59c282b49f2abb281984a9fcd88c13c615e44a8b6721584e4581ed74ceb49be126254ea6b14746386337ed7048d8fa3c6fbcf0efda8ec3caee730041ddbedae876012c3a0b52ac16acc98b3af8be48a1fc9a8bfac043d035bcf1d5bd4c7c75992d7eabf58afccfd5dc1714b78f63b6d4603656a3baaa04f00e1c294ea148a8a2151688808ac9d4cd888f5affeeb0b021f8f0121cc1d7c84223a77ffc37e07f037b30d9cb76992921604214daf781ce131e5bdc585a06d7c7807eb2bcbbd3258cc584691e1ab46f5908e402faaec3b265641636c11f577089ea7b03222ae73960e02a738e75bf5f4cb29780471a920dee26592560bf93923a3aba18d57ef1c6eb21224977c39e0de81cd47af66abd590cd65064abd28d4cb1a3713270bb19fce2f558f732bc20e43a57e94d95a428b615714489bcd7d760a2d995da3a90cf525915961ec82c37f4be46b51c4e54254ca7379e638ea5046845aa1529f2c59ec9a2b72971c9c86f5cb9b11fda1ff87f91018291f498cdd70c54904aea91320f300c21e0f72dae13c8ac1da4386e9c25e0227e077646ea99a59f2bdad5e5b998e754a998ea189b8ea44c470eb00402a0e6030bf3f54c98cd0eaeecab9909e320a8be5738a2349b7d67851c9bc1817ce42b956480d71afea29cdafc4a0de56dc81be42b90a9989221b1cf1b7bd88327a305571f9cfd45774eb2b3c49a5de2fb0a8aff913d957d9a86550bd8bed0b918a75e6c08a4bded4f9cfa9e7eec4315373c55ac55a5e962360657cf156dbeedb6146177fb2ff25fc82daccd661debfa405f3d87c90c2e70a00156a26c2e36c5bc846d669cbed3c03b11f0822313a25ced05e29679ca52f2b9503c71da5412027ed964ef86f1b4d8fb20bd924b9e94a8d49450c726d148a5e0140f7f9c7dcb236a3c4bafc912d0d1bc71eeb71f1df6162d771e6633aa41719996a05258b705cea4024ae3ef3583ba6c7bc4513e2cbbfc70884a0381a7f9803958a2eab60163287daa0508e4addc5cdea06d759135ea72ca159630bbed0161d4d360155a5749eca62dfa14d44dad7b706a63d5768b78006396a67097f96873ee90601305d9754564b92d995b6d95ef74725de57a9b7b8c8c4e3423f071c2d891bee5f37271d6e1d8f991b9b29c66f8c9b680424a189fe9c4ff7551a26ebe681f276a5f54f665069c4e4d53e0ee6cde04323b916c74f3a5b7836f9e98e636a76e48fa1d56ae0a1d0a4612c8e6ee6635700611dff30cc4cd2c7bcc6a388e346109ef5b058b993438c18aa9d21ba09e107d40b6e90576b85be2cc955135d7dafd09a120356c3b6c4a3b6a2e45f49728e67601ec5a7782b9cb6d6da4f21d610f5c19c9257571183cb47c1189cca57640b75745bd3325a092a527bda636f9ebdb8a70974c8b19d9a486a8aa4804382233fc0b8a629be0204d03859d7293adce66490a14a6aad4268f7ab159a9a2748d360140ed3f5cceaee358761d7774d20da2316cebf77a814c1ce870a7e398a4c78cb17b3e89e24d705734b9f4ddcd5a6c25091a7b75abbe129bb78cca5684fe9fb425b6c1eb2ef9a2d95001174dde91766c0764693e04404d2e0c4d05ef784346c3764458d768f999b341496fe2686ed0409c3bd7c5274db1fa7ad18de3c78a2aedfc9ea6acc113778384980f1262de3a213e21d3f313074c3c64e05023220019a8160f0a2343591e8859501e0098005799e246a283b6ae899538a4c24d3be3d239fa8cc75b711405c11148dcd8b0adee1c30cb66c559b0e0c40cd1736d7f59dacd87fc6f4e6ba90fefc1fdb7008bae8993dd92bbeccb42f5fee105c07161d93188c2b4ce65e4d790230ff2fb6d2b5a6e0d7f59e3c7f55e21c760f28b265c22ae6a80d1ca5198b06bbed70e06e89f85b6396194db53e449876cfd62a409b21b07e795738e40ec2726230f5e334aee7e671392b626d4e1086ef84e193eb0a94c2765d089c24eb89fbbd9ba4a8139dffa061f65253a5c49eac08b9c3aeb19a4f4d5d91a52bc1a1f3fedabcf7a46ef86264892fd23f90601b7787e1fd2d552f3514b1835705d655f980ae1e3f84ffebc1836c1065f091779f1632b929f62e6f786668d19e8688286b36356b1a4712c75ca184333d9d7dcd70a584e92abe2aee4613c0e9971725fcac0694cb6c966c4a35734c7d7291c94ba97055a2b3c1c0d0522d77009df7f06545dfcc15c5ebac28ec2d89da29bea43e70d04449f118cc802a1ab2564c51726fd95f0c6ff2ea8c210480e28db282e557b6254e25781460b20b1c9b234fbf7674414868af28ae547a7807150e1ba1a391502b6a0d45907d5bf7bb468548ff573a38ffbc77e5b80b382b6ee58d2bc814ccff4aca44a622e19dea786c78a93bf1c99ca4205359118b8741129eef385c867d821cba53889c0dbee25da6e59bf0f27ffb490d87f3720b3e479bd527c9ebe61a5acc6173ef9d7c83202dbbd055f36720113a4a474f281db45c7d702b8e1bd8fd038bdee384f9838a6a0a814d1ea8698e04e9ddce691be558d2e827a306d749567070cde2d16fc98d4ccff4ad6d15c6ffdc92f5eba393cb41d5cbcb9c6bc6325a4ede335661e9be6a6510cd31a79e76b67ecce259d6bfa4d75f0cddbe0db8a60d7de59fda8628c281bfb0586254a7689fe7b5226e01e91d1a9aa559744e0d8c2ba3a037780b30c4710e9094415b0200f00b525c6a3dfc633302d8923c24857ead1c5576cca0971ecd621116f3aad1e19fd3bb383a2414acdaf94d0e85c65e7936611374f67d9aacac37bf8cf5271c6a48f0e54db0", 0x1000, 0x19}, {&(0x7f0000000140)="093e0306ebcdef1bde7d9f01bef9ddc4eed76f161767051b023b7b2382230e23fab705cd19f40ef601c36d02b90e15574fbcccfbde47d588f3f2e6eff439538cae0885068ccbdb", 0x47, 0xd09d}, {&(0x7f00000001c0)="42d61f8f0c66d05b8a10b8df5a9efe8d65150f4b1ee1d20243a83e9c6a22f4ee9e9184494d9e73b11b0ce9440a", 0x2d, 0x8}], 0x10000, &(0x7f0000001400)={[{@hide='hide'}, {@nocompress='nocompress'}, {@check_relaxed='check=relaxed'}, {@overriderock='overriderockperm'}, {@norock='norock'}], [{@euid_gt={'euid>', r11}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@hash='hash'}, {@uid_eq={'uid', 0x3d, r12}}]})

[  825.367905] audit: type=1804 audit(1578871966.487:3002): pid=15865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1303/bus" dev="sda1" ino=17645 res=1
23:32:46 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  825.492183] audit: type=1800 audit(1578871966.497:3003): pid=15865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17645 res=0
23:32:46 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xa9, 0x0, 0x0, 0x0, 0x0, 0x0})

[  825.596271] audit: type=1400 audit(1578871966.607:3004): avc:  denied  { accept } for  pid=15880 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
23:32:46 executing program 3:
prctl$PR_GET_FP_MODE(0x2e)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = dup(r0)
ioctl$VT_DISALLOCATE(r1, 0x5608)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000100)={0x9b0000, 0x6738c979, 0x80000007, <r6=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980912, 0xc9, [], @string=&(0x7f0000000180)=0x7}})
ioctl$KVM_SET_CPUID2(r6, 0x4008ae8a, &(0x7f0000000080))

23:32:46 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$TIOCGICOUNT(r3, 0x545d, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000600000700d0e0f4dd5deb44c59181af5502dfec6d42573cf968e8cd2a329ead87dff724e619ea17b6bcd5b53237effb16a17ac6635ec45b35e2dfb6dd8b207adf4741e973b3c8fee61ecccda9d5be7926620195caa53012f946c360edeee5293f9b489f9b4b63955a6af453fa23138aa7e13197a524493cd2b891ca12f52f17b2cb89ab0000000000002c61b0d8fc327bc4744c494fa707fe99830434efacd7654e09336e134e785d7d722c6f83be7d9e50a54877fbfdcb0a9f1fccecb9fefeae34167d63b34db7bf0f639735863d8e0fdc1d987b79b23208be51c2be16615e3e921de7eaf3171af3cb4f387b5b9ed34d1f0d37d29c0bcb71e28db0b5443a89ae4a0e3f1d020acfa10f8029abfdfe06d081b4ee02fa5b0a274bf5acb8af651b4ddb47249b89772e7559454510fd62971f721fcc2282cc2271c3b45646aa1cfe0d09a6eb583f2eca374693602f10491ddbf3b13e1f6ae52a7be2772954c4e66eeb6c73ef03b90d812d096f69c3811a6525f487"])

23:32:47 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x2, 0x3}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xaa, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:47 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xab, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000002c0)={'team0\x00', <r5=>0x0})
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x30a00081}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0x4c, r3, 0x400, 0x70bd28, 0x401, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x4, 0x4}}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x7fff, 0x2}}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r6}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x801}, 0x10)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
clock_gettime(0x0, &(0x7f0000000000)={<r9=>0x0, <r10=>0x0})
ioctl$VIDIOC_DQBUF(r8, 0xc0585611, &(0x7f00000000c0)={0x1, 0x2, 0x4, 0x1, 0x3, {r9, r10/1000+30000}, {0x1, 0x0, 0x7f, 0x6, 0x0, 0xfb, "5c2cc89c"}, 0x8001, 0x2, @offset, 0x8001, 0x0, <r11=>0xffffffffffffffff})
clock_gettime(0x0, &(0x7f0000000040)={<r12=>0x0, <r13=>0x0})
ioctl$VIDIOC_DQBUF(r11, 0xc0585611, &(0x7f0000000140)={0x7, 0x3, 0x4, 0x400, 0x7, {r12, r13/1000+30000}, {0x3, 0x2, 0x4, 0x3, 0x2, 0x8, "ae64b6b8"}, 0x10001, 0x16d161549636a4b1, @offset=0x400, 0x80000000})
ioctl$KVM_SET_CPUID2(r7, 0x5000aea5, &(0x7f0000000080))
ioctl$EVIOCSREP(r11, 0x40084503, &(0x7f00000001c0)=[0x81, 0x6])

23:32:47 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000080)={0x0, 0xfffffffb, 0x0, <r2=>r1, 0x0, &(0x7f0000000040)={0x9a0901, 0xffffffff, [], @p_u32=&(0x7f0000000000)=0x7fffffff}})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000240)={0x9, 0x0, 0x1, 'queue1\x00', 0x7})
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x4, 0x4)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="0000000000000800f97656324c96592b504a255b42dbc1d75546a00b6db2090000000000002ab4ed6000a0efb288911eb921c3173b5732983a7de4d39d203bd4bd267ad18f442868ffa9e82327dbed639750fc4f53ba948097974bf6783b287133fc534272967c1113adcbbb7e0d8f8ccb7b8b9659a81e84f200"/133])

23:32:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xac, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:47 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  826.336283] audit: type=1804 audit(1578871967.427:3005): pid=15938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1304/bus" dev="sda1" ino=17668 res=1
23:32:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x400000, 0x0)
ioctl$SG_SET_KEEP_ORPHAN(r3, 0x2287, &(0x7f0000000040)=0x4)

[  826.511799] audit: type=1800 audit(1578871967.507:3006): pid=15938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17668 res=0
23:32:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xad, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:47 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x2, 0x3}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x800009, 0x10, r0, 0xa0acb000)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
open_by_handle_at(r0, &(0x7f0000000180)={0x6a, 0x7, "924f3485023c705741645b5a89f4ddb6aa77e1d96881d88d699f908aeae2551420bda07c27307645331c5d0ea97d8b6467d61446b361a0d444a9d540dcce82e10ff4a509cdebf00cbce66f8c85ff2b94ca67e928c356ed5107273b11645b7cb9e9c3"}, 0x4000)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000240)={0x1fd, 0x0, &(0x7f0000fff000/0x1000)=nil})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f00000000c0)={r3, r4, 0xa976, 0x7, &(0x7f0000000040)="449fc0a7c16d60", 0x4, 0x2d, 0x6, 0x1, 0x20, 0x4, 0xf7a2, 'syz0\x00'})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:47 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xae, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
write$tun(0xffffffffffffffff, &(0x7f0000000000)={@void, @val={0x2, 0x3, 0x1f, 0x9000, 0x80}, @arp=@generic={0x335, 0x6006, 0x6, 0x0, 0xe, @local, "", @random="911a99b249f5", "3ddec28897e5b4e6751d19eab654"}}, 0x2c)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

[  826.855512] audit: type=1804 audit(1578871967.957:3007): pid=15984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1305/bus" dev="sda1" ino=16689 res=1
23:32:48 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f00000000c0)=0x5, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000998e49f8600214fc7e00"/32])

23:32:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xaf, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:48 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x2, 0x3}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:48 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r4 = accept(r3, &(0x7f0000000240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x6f)
ioctl$SIOCRSGL2CALL(r4, 0x89e5, &(0x7f0000000100)=@bcast)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae8a, &(0x7f0000000080))

23:32:48 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:48 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x5000aea5, &(0x7f0000000040)={0x32d, 0x0, [{0x0, 0x9, 0x7, 0x80, 0x39, 0x1, 0x200}]})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/mls\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f0000000140)=0x3)
ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000000))
ioctl$VIDIOC_SUBDEV_G_FMT(r2, 0xc0585604, &(0x7f0000000080)={0x1, 0x0, {0x9, 0x6, 0xe, 0x9, 0xb, 0x2, 0x1, 0x6eb2c9fbf5827b96}})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r4, 0xc0305602, &(0x7f0000000100)={0x0, 0x3f, 0x3012, 0x1})

23:32:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:32:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:48 executing program 3:
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x406, r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x200000000000001)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae8a, &(0x7f0000000080))

23:32:48 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:48 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x0, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[@ANYBLOB="00010000000000000101f7a1fb4a054bf945113cc0"])

23:32:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:49 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000100)={0x0, 0xfb, 0x2d, 0x0, 0x1, "73a9d8140fd7ab70aa2365a2a1accd2e", "9a2af0d9d8bb06f2cd29e3ddcf11898a44cb5ff599ce6440"}, 0x2d, 0x2)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, &(0x7f0000000240))
ioctl$KVM_SET_CPUID2(r4, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYRESOCT])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x20, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}}, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, &(0x7f0000000180)=0xb36d, 0x4)
getitimer(0x2, &(0x7f0000000140))

23:32:49 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb4, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x1, 0x40}, 0xc)

23:32:49 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:49 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb5, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:49 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x0, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, 0x0, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, &(0x7f0000000000)='/dev/kvm\x00', 0x9)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x5000aea5, &(0x7f0000000080))

23:32:49 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb6, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80604, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f00000000c0)={0x137, 0x0, [{0x80000008, 0x2, 0x0, 0x2d7, 0x1, 0x40, 0x80000001}, {0xc0000000, 0xe000000, 0x0, 0x8480, 0xff, 0x4, 0x3}, {0x40000001, 0x9, 0x1, 0x7, 0x40, 0x60496e89, 0x7}, {0x80000019, 0x0, 0x0, 0x3, 0x7, 0x3ff, 0x80}, {0x80000008, 0x2, 0x6, 0x8, 0x1, 0x81, 0x8100}, {0x2, 0x8000, 0x0, 0x10000, 0x1, 0x6, 0x9}, {0x80000008, 0x1f, 0x1, 0x0, 0x5, 0xfffffc00, 0x800}]})
fchmod(r1, 0x88)

23:32:49 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x6, 0x4)
ioctl$VT_OPENQRY(r2, 0x5600, &(0x7f0000000040))
r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x82500, 0x0)
syz_open_pts(r4, 0x80120)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))

23:32:49 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:49 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:50 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x0, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:50 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x208600, 0x0)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00')
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vsock\x00', 0x0, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40040011}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x8}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0xe367f64b5c290d99}, 0x4040001)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000280)=0x9, &(0x7f0000000400)=0x2)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000000240)=0xe8)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2030082}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2cc67afd0900c992f09675748a7514000000", @ANYRES16=r3, @ANYBLOB="00042abd7000fcdbdf250200000008000b00", @ANYRES32=r6, @ANYBLOB="060001004e2200000500020008000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x6098)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x5000aea5, &(0x7f0000000080))

23:32:50 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb8, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000080))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x14)
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$PPPOEIOCDFWD(r7, 0xb101, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f00000000c0)={r6, 0x9c, "df321d89ad5312a23b9a53b8d92c3349646a769b6768ae332c752842170a11fcca2740b5a118f3be5c8da30458b81089d1c48a832e8a23f3fb030317b05da5e415ddac60e497d0afe4fa831c17c12af2919ada8aaa971b764cfc7ce09800caa4f8d49d4c66acc0b61424a813fc063bacdbdd70f4b77e9d997db197b05f667111f394eaa9110e7784cabe6961c8d511189b386f1a5b7dd903345b0fdc"}, &(0x7f0000000000)=0xa4)

23:32:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:50 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb9, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000000000000f58d2e44ae648e5ddc48812cbea434bdae42d78af8cc45f93c24bb5c321863f177f459904c513023c2fb1b2d6ce4de9a34c7a611114bee537588b2d7b24dd7c624256129f4efbb4d6545572bab07ddecc72247e2585e8af35d62a813b604237bf55ab9719a98d246019a8653f26559ccbb3163f1478ba6a0f4902f483a35e9544bb0b9b0eb40f3670804843e66cb3ef274f99b2eb22d87fd45fa458ec6d4aa97182de797f6df27c845c57ffb254d6f4ee2436e972c728edda7004969c556a02eb79c52"])
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @multicast1}, 0xc)

23:32:50 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:50 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8f1b, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r1, &(0x7f0000000080)={0x1a, 0x0, 0x7}, 0x10)
sendmmsg(r1, 0x0, 0x0, 0x40000)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r2 = gettid()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x20)
r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xe7, 0x10000)
perf_event_open(&(0x7f00000000c0)={0x4, 0x70, 0x20, 0x0, 0x0, 0x30, 0x0, 0x58, 0xd1f96cbcee98bc30, 0x7, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0x8000, 0x1f}, 0x8900, 0x80000001, 0x240, 0x1, 0x1, 0x6, 0x2}, r2, 0xa, r3, 0x2)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_dccp_buf(r3, 0x21, 0xc0, &(0x7f0000000140)="a297f5da76a8c19eacbd222dae3a8e1afaebd4014dae13c0cf4e6b0e4d", 0x1d)
open(0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x4001, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:50 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xba, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:50 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xbb, 0x0, 0x0, 0x0, 0x0, 0x0})

[  829.671276] kauditd_printk_skb: 9 callbacks suppressed
[  829.671295] audit: type=1804 audit(1578871970.787:3017): pid=16204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1310/bus" dev="sda1" ino=17680 res=1
23:32:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  829.846948] audit: type=1800 audit(1578871970.837:3018): pid=16204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17680 res=0
23:32:51 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
name_to_handle_at(r0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0xbc, 0x0, "d4b8d20491da4f7f3dd02d90b84013da7e9adc5d4f0aacd4535eb3c070c940e6f12dc9e66b84d609d211724fc43c758b2b7b7c4f941c40574b12440601a61681faf167144a02a83056ee74bb63e0cf5bcbfb5f9c5ba787e1c4af9bc38bcf6a7c536d1b56a3fb1de8644de0c82f37176e5361342258322b3e4fbb04c260a59979b424d60ed8b5f59c23d19348085fbd33180913c83f37373c495986f00f80044aa46fd3ef33d4ae53f506e02066b8dcc8970bdce4"}, &(0x7f0000000040), 0x1400)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="bb0b05920b852674"])
ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000180)=""/96)

23:32:51 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xbc, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:51 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:51 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xbd, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:51 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x1, 0x0, 0x0, 0x13b, 0x0})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000040)=0x1ff)

23:32:51 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:51 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8f1b, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r1, &(0x7f0000000080)={0x1a, 0x0, 0x7}, 0x10)
sendmmsg(r1, 0x0, 0x0, 0x40000)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r2 = gettid()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x20)
r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xe7, 0x10000)
perf_event_open(&(0x7f00000000c0)={0x4, 0x70, 0x20, 0x0, 0x0, 0x30, 0x0, 0x58, 0xd1f96cbcee98bc30, 0x7, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0x8000, 0x1f}, 0x8900, 0x80000001, 0x240, 0x1, 0x1, 0x6, 0x2}, r2, 0xa, r3, 0x2)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_dccp_buf(r3, 0x21, 0xc0, &(0x7f0000000140)="a297f5da76a8c19eacbd222dae3a8e1afaebd4014dae13c0cf4e6b0e4d", 0x1d)
open(0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x4001, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYPTR64=&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000100)=ANY=[@ANYRESHEX=r1, @ANYBLOB="443284700d32da8858c45d5b1320676614928508ada03832938bd286933cc73539544355bec4614088ac5a1878fb7a8a7249d156a1c7946e51610fe5165265ed323f5801b880204d08931e202807e6caea7c02bf8830dff5a2bee653", @ANYPTR64], @ANYRES64=r2, @ANYBLOB="fa8f264cf88b04c24a0563477e5016ec6cc163867f6371d39a8b76c23aabffd4d2fb47cb8d63b742811bb7b87af312339a33e0c2c787a97c38dbfaba", @ANYRES64=r5, @ANYRESDEC, @ANYBLOB="3a734d06600f8a08e1bb917d5d1852f5cba9e1e1a90f303a472dab69d06e9138aa3d5924f982e863bad8e170e481d764bce9e0c021228df2218a4454b19f7c97d8dea9711d07c7b80874aa2624b1e555896f16fbba65c2688cea66bf96d9fdef42bc8435bd4d694917e9d27f12c93b0839ca73cf34d499827300a88eb7a3fff57045b13f37d5eb8f33fb8d50c5cbe78d91d63104eff514ec15a76848eb3b96581bcfbff9749942b670ceeb19b4b12193328ca411d6c7d2ac60b4c70e21fa32c39cebdbfd47088db4f6eebcb8ee95c09ded4775a5dc555f8df5ba703867c5a118a6d4bf11901bd93b8b039dd6b55c882640ae25fa9554ed1f032051eb92149b139f7719b5d444457c96938e771772c9b5d423555df204697bebf40f3145917e8eb5b4fc9d09a8e55b8170120e4311cd90fb0f4b76809c9387447df27ae1b99ae71428a4d6defeb471564b86f42b539a58e918e01edc69b4f2eb70946d9c2da12b1ce17d67f2ce2e4ad0de9d436912d05796bc550d4030e6d819c18e2ca08d5b066050bcb99007c9cda632bbda0edb8badaadca0076c8ebfccaaf33e50721c4c90fbe636d674f463c7e19f59bc05e7851782a5692acd0ca8f9268de5bacf80a502e66981c28b95e3468df394e08d0a6e7d933f790effab42fd81c16cfd4726d4f2bccf858320097f225258c31683911affbbaedc74a93fbada833dada11278c695a1a0548e4d0ff4bedb94d2a25514c1ebefe7a9897f6a182ac1adcd26c87c5874d0e20992103ba40b6593274746ed299eecbf33af0fae68e631ce20d20d952794dfc85f232ffb403bff30c20329f6dd137c0f743d9ce1ac382c0a38827078a6d4cc361e412d677295ad7dedf286ef226cd4fec22776220976787c476db2fb4a7b95f0e14f902893a0b1fb3172ae78f218f04110dddc1efaeb57ea866d7a8a73638c534dbd0f3346c740541a62025871d5ff12e1f03c365df0b2485ff09603d6c7d407da26773655bfe2f80cf8840a89decc5938b5962418564635814b838cffdec2457eb1e4ea3a75f80f1131c92fb365c8edd4757935f594cabaa1af521aea36ce7ba8510decf52ba86e566253340cf82245b12a561fbc5572a3a3f49d87d75ed7cae5f1920c1e0f197e66bcbb881a45bc4587e5e870c99ac5d6cc8f0de805d072abd1c4cbe9eaf4eacea4d52f95bc684205c3f4781c1a445b511b5517c4097d8b96c54981e15e42cbba824ff4392d7af72294104597e25d89bdae3283047ed821d19ccccf5c7e8ae78a8a8a7e808b468ae16761eb23b0d71ea376132c486006409417efdb908f5036dedfb2c014e35c7b6c712a27c3253238d4c2b790a3838db77d79d4bf6b812dce4f8bc802665b6d8429141a575d0f6f807025ad85e010e92e8913c9bd60f2be8801108f260e3aa9bb634dea3fa3b7e469375f834d15bfaf4cfec44869ddfcd6342376a797d7316ddb38a5755db6e51bb88d2925e3f836f362a3073cbf39654a48068330fe0b056b9d50d8e59cd40aa0d1857cade2907bd61541c9a8ef67921bf389ed4f2028e7c17f4f1f7a0386c36d319870b74ef52b5d08969311046cdbf6d92ef37169d9b0f864342044b49a0c1ff099e04acc4caefe5d00b4a44be9a248f1b105f51fada36a985481ab7b3843af58075d9820a6146b0ee905975d2b5faf08e0a79f090a5cdc15b5d1b3d088c8bb5b6f604f2b66e9b09299ad9f929958d3af25c648a6b30f588c7aa4f0f7c8e1f9aa16bd3ec34ce1f05e6578a543ebfec16ab2e3d32578f8002a3f66efe7b84c4aa80f6e8a1a9972c6fd09215c1d856bf739849a61dcbeebbec22eef007fc7cdae1e93130cab6d9f0574b55e1dacb276c714c586ae306cd6034d9a599e61d790ac7fca5207bcfdeac8b11b01bdd0d74a03afe2b645dd96f643c4eab743dde5fc5cd594393f6a0a5eb63d27a02d66f8b16cdc88fbc3eb5bee4da2b9c0ea30c1c14d997c2391f9413788c24a25b251d2a9259d57559cd3e7926a44e5e69d151583681fbe4012de257d161569184c95662c2d7dfddd8d2edc0e5770d1de7db47770bb012435be641287e773dbff52952fcb9475ddbf558859e1e0d226aaf23674f7e2915e584a4d258b30292846744c7553c98434a13bbf4f926cd2c5c763c9f3c31c65e1c50f1c857e3995412e42807608832887c12f9ffef5ed326e33481f43b7a3ccfb3b2a055f4ca33b3b02ae6b00f59bfeaa5b167306db232f89d0b67bbc21f73839720b8e4055048c606417ff549619ae90597816f6a7a52bfe06416187bcb43b0e66045b9c46424288322120dabc30804c3cd0179b7739eee29dfde34b146afa06addebb224e50f0aaf68024960b0a541dac229dffadd4d99b2fc2875b737aaa1904382c4ebda7ac0e8ed605a83076f20d0e603ac6e6fd6535e41cd258d35ec6edb42c83593917ed04e3e2e98f6e49eaf5959f97150bec1c931fb3eca14ebc2d56278ba137573fe187cbf6dcd9bde993965477f7f08f2385aad4c1ac8f24abd0e1cdc1e2d3bba156d75c248f28a3cbfd0c80cf19796294ee66f5fecb483164f288d6ec9688ae8887df0ec5e2781767c99344e2de14b7d91de02bf9774dfa9fb2bbe91f6255f73989a82e13a1797d8ca91b0c988386418043f3504bcf4b9e3e281d1b741288bca4af4d5a24c6cd7ef638d57043c3465b08703188b2e8ed89dbc39459e73eb6a1ecef4d004ab05912282f80b4de4b91269beb4a485858b4438ad4a624692087c75ef0da59ff9ad25f225d605fe1cf2291829163516cbb0105060b2b4d786b987c242405624a1484c5b0e6c1b0a08771a7dcd0aeee13a3aadd08c50d868fe1cf9dcd364245718696c6ec1382f2fa7233a19c25c825e10b5f41dda7d3a8329d7507a48d9df66927d9bda1a8ae6efc9ef02b2b733454119cffe4a4f033cbe5e2a161d56fedb98a2d96dca741b1de5f45786980ae32d2443ad95aa8c621dd91076945e0026454786eca167ed453f7a86ef5c1c9fe500bf7066496e26d6f2b291e02c0d7c17136d0c2d8cfc7c6e94cba720876ef13e3957a687e714bf2740075a210ea964473e0f3b2dd8988861faacded19dad076bf037b06d1504b62a28c421ea096b3fb4f6148aceecdf11a2e1f3a60c72df35df71bba8657869a31c465ba7e1665d40ac48471467831865247fc6413e3d26b07c203469629eebfb7949f6bc3d6c29886c62f12aaafb531267230238e8fa376696605ccccf911700618bb1e4930db4eaab39e2a893bd633eab533e2f884726cda71b9c9c2fb37838f5ddaf155d807182f56173da00b49ce9986d363fbed8d7d698fa1a52c7c530afd693d7f969db74b087a28ae1ef8c2ed3e1a99d582968dca8bd62500079276e760a115d97c299617a05b749b20aa3093eeee3f45a38196ae3db7700119f43cc1509cd5e3432090fdce21a978f37fe63ade3656de8a5ae90777706c5841ad7d3b436f3e0d22e4526378a4d3a4f5845efa666f3b10c96020d9a64c9b30934b2cf50e36a232c31d6cdc40b81be287054dbf6fa2072801d91fd60692766d5fd053f51aac2f3a1bb5cfc2b8070cb3a0a9521e406b72eafde971aee2cf1e87c7ed3989d84adc50ab56ee9451c265a09f2c1c6fd165fa8a41dab26cb2fc1f5a2c8e42e25f372d9f7b75a897723dbbce4e88ac1d443ffe6263fdb4d8c71e6abbe87d130fdc1f15b53298bbc4c0ae00273cf269678def64b0b33839dd132d5b330e5fd56ac1e64c364b893b1a6882404ddac4341f95ce9eb4caa755094cf46c119b044e20c6bad421e60457069cf6429e97f69b7e732efc1b5baca13f30a165e3524e27ac5cbcc85e47d03beb6bcbe8db23572b518f3a18ad03e4ae51b3849cda098b66cb6a929859128937e24bdd1c5e086212f3df5bf0153a390c7fc0d6338361f8513f336f18aa38eb70634ae686294be858d914c5791c54f5864682bc821385f1f4b4c0ccae918b939d6dfe4317cb7694df54b7f8853d18d9494b8b6d7cecf725c64d34372078a1a7afbd31366d66d35e1495295b9b41824ee0af59758351f83c4763b2e3abc23925953b9ff631146a9daf39820c43a444d60f242ac57bcd214d63707f480eade18f87e490b257e46fe593bf1ff5c945bbbdf6168b224b03491147c37d70c0f48cd2c0856063320d1ce4d3e7a69a1dcf0e7482c0953e9c6e1beb0098e8b1ae93b813f7aab9584f84dc153c65c7f5924af5d59ac6c291ccf06d993e8bf3a41494d79afc4ead2820bd84391f55baa9d73bdba938759abcde35524424628fb53e3436cb37dba0694e2602473330768a4ea20422f2e7d3b63fc7d6c8249c4953d39c01a658feea55617797e3eb5b23fbdc77f2ac6d44b99974ab16a38aed8a592a485a84b68904a74f04f244e436ef3c5f2152c07eb54fa7a3cc3626532f415896b6f6521099b6662924fb4a5a87cf24cea8ababd3780abd7ef802a32688845e5ceffa336a61e690651af93dbc35d67ad34f8894fb39e0af0d8473b1c7f2f74d9445ba6355695347f1998bf62f8b027bd324f141aa87a3ca1e1a8b2ff4af07bc4f4f68ca38426f9565d86084528d884c6161cbf2f00bd7148c5ee3b17ffd4c142cddd431ef034803dfa6b4a2b8d45a9159de3b2ca348431a39bbc2d35ae50f8ecbbe4032afd46bdc5a762bedc398908cd09ae1d80a677c064ca1752af48fec3ee995723f0e5eb2bc91621f0119b3d76100d680b0f80c8387306a03feaf56edbb55ef00298fb921d6f87c0d289669487b6f658166047660372bb1fd448418a608e6980cc224c89cd5d0efb58f0068f4bb75eaac7c9893553979ae15effe1b547db55a3c4918d2bb2189f48de1f8de80099b75c9437ff6ce637d5d40c08bf16cf6f274f737512c6f4d16e0e28847f14e938f17949a13afdfd799e9d6d35ae16fae3d0c4a877d497ed4de88b83b6976bc4b61942577ee6308ea628725c4f5d1d696fa42f152d681bd2ff9fb4377719ff21659e79bcb477b26940729b7fc6535441b85e6b0fcb104ab752755a095ba01802c5dda32c2f24513084a76612c86ab493e1f89add982c4bfcc8a28b6b190bb847f89df6a0d06d0ef7facfffc5d8d0d58ebf6d8707cfea634a344b4a422546900c5f73098399f2975ff0b4ac1328a261e87b0a530b942a4dfaf5e2ef83074fba2f4aaebbaffa9f87edb9da7b7da2b4abbc8577791057b83e8b6b11192014a211630f4a806aa8dd26b30cc9f9717ce8338ab52f6f980cd839e1e6870a225f67b2dcc17443575eda0d4131a4c0635b7894ae4498669a434c91508fb9433315b29063e57e9b71eff8707fdcde12cdec3edd5193b5bc790d9d5f46e055cc5e2f9cb4ba9e683d6ec8cb630cab36cad0a6a68ed875b134af0359bc3172e921fe78868b1183f77275b8455ceca90b2859445c2bdcf7cc5a46b0561da79e0abfbb3b90ff8aba0eb7b9ee459d84b2a6eda36afdccfb15c5e105a114fd4cf2560a1b432e79eb2ca310414c542c06e5e0787fe0863f8cb843762470e0b06d075373884cb1ab2ef21917d3b20beab2c50d358ecbf613a8c8a1d2bc85e5cb4103ebca9d08e02abbc9ed8278911ff0b1821b40f415738dd6b1ff5d29563aea863addac72e8117ffa711d45dfdf62dbac9cf65b4273d9d8314642407593d8976a502d0dc079eac44bfcff603013789038fb71084324cafa6bc989332d0f0bba990f25ac224bc44f7718e049f4687a73872cb461c50d366c13e1eddbb2719fb0447ab95f5f5fbb8fb7d9eefae5d9f14725d01046679c8f716ee2489fea4a502", @ANYBLOB="48edee0b010d1e63a23d92cf0d4c3d00066ff0858fa6f3ee913e511fa289d2476ee54bd6a1f32898f72a58d637e3dbf8dd5d07ea770324987b2db61870b8e7c3ff9c42ff889056a5b7fa548d21135046d663"], @ANYRES64=r2])

23:32:51 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xbe, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:51 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet6_dccp_buf(r1, 0x21, 0x2, &(0x7f00000001c0)="17ee880426907bb1c495b4986f8688f34f233632b4eca5075ed5bd", 0x1b)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000000b0601000000000000000000000000000500010007000000c4038652d24d645be150871edeb0772e4346e8a0005f83f160eb9d0b6e7b9dc535eba4121189166aaada861b57c26c23d5228cf1835aa4991e4036a0e82f56c71f23fb02383cf6a300f82014ce99db88eb5de22f52b985cdb8c24ff99164ddb4b3a3aac245257ed2"], 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="16feffff0b062000fcffffff00000000000000005afe010007000000d9ec1f79fd7be1a5a78bd8dd0a978d2bcd128e2ef8976af0222b00ec3741c0ca3ccc7f5527a9a803690c5c2a25e5f91d7fb4dbfa207b557da86736ec3af2a8ec5a95dffc41af91d72676cad7246efe54a045f0593ecff2dfe3cb554206daa55e91c788daecc49996377c35b64163ae74ed2db08dfc03e9e1aca1bff3ebd7a8d715841bd441fd946a313458a2fdd6c46983ae8f150053093840e770e1f8e5ff56652db0e4cae7884aa74fa3c7f4ae1d07a8d2306ade70f7f807dd982ed2b96f23d7db6e062c891e47e01c37cfdcbd0fad37a5e86b9bfc6bd14420a1850d903e69d20de6eb519884cb772a5cd01777285da14abfb21661bd7db8a3878169a26f68a41f57e3280dfcf03c99b26be40546deed33ca00000000000000000000000000a32846d82614e004e868f43ff66061814bdfa0c524f87f6f3000856b2d13b8c9368317bbc02a0312186641f21b4cd686fd62286e628bc1874c242d2eb86183a8000000"], 0x1c}}, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000440)=<r4=>0x0)
r5 = gettid()
ptrace$setopts(0x4206, r5, 0x0, 0x0)
tkill(r5, 0x20)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video37\x00', 0x2, 0x0)
kcmp(r4, r5, 0x0, r7, r8)
r9 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r9, &(0x7f0000000240)=""/112, 0x349b7f55)
r10 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, r9)
keyctl$describe(0x6, r10, &(0x7f00000002c0)=""/132, 0x84)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000240)={'veth1_to_bridge\x00', {0x2, 0x4e20, @multicast1}})
r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000140)=0x7ff, 0x2)
set_mempolicy(0x1, &(0x7f0000000180)=0x5, 0x7)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r11, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$TIPC_GROUP_LEAVE(r11, 0x10f, 0x88)
getsockopt$inet_dccp_int(r0, 0x21, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r12, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:51 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  830.665348] audit: type=1804 audit(1578871971.767:3019): pid=16253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1311/bus" dev="sda1" ino=16895 res=1
[  830.719630] encrypted_key: insufficient parameters specified
23:32:51 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xbf, 0x0, 0x0, 0x0, 0x0, 0x0})

[  830.778190] encrypted_key: insufficient parameters specified
[  830.811582] audit: type=1800 audit(1578871971.797:3020): pid=16253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16895 res=0
23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:52 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000000)={0xff, 0x1, 0x3})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={<r2=>0x0, r1, 0x0, 0x7, &(0x7f0000000140)='md5sum\x00', 0xffffffffffffffff}, 0x30)
r3 = epoll_create1(0x0)
r4 = epoll_create1(0x0)
close(r3)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000240)={0x80000001, 0x6, 0x962a8438}, 0xc)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$sock_inet_SIOCGARP(r5, 0x8954, &(0x7f0000000280)={{0x2, 0x4e21, @remote}, {0x305, @remote}, 0x2, {0x2, 0x9, @multicast2}})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000c85000))
readv(r3, &(0x7f0000266000)=[{&(0x7f000032cf93)=""/109, 0x6d}], 0x1)
kcmp$KCMP_EPOLL_TFD(0x0, r2, 0x7, r0, &(0x7f00000001c0)={r3, r0, 0x81})
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
accept4$packet(r6, &(0x7f0000000040)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000080)=0x14, 0x81000)
socket(0x4, 0x4, 0x2)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)=r7)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x20000000, 0x0, 0x0, 0x0})

23:32:52 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8f1b, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r1, &(0x7f0000000080)={0x1a, 0x0, 0x7}, 0x10)
sendmmsg(r1, 0x0, 0x0, 0x40000)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r2 = gettid()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x20)
r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xe7, 0x10000)
perf_event_open(&(0x7f00000000c0)={0x4, 0x70, 0x20, 0x0, 0x0, 0x30, 0x0, 0x58, 0xd1f96cbcee98bc30, 0x7, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0x8000, 0x1f}, 0x8900, 0x80000001, 0x240, 0x1, 0x1, 0x6, 0x2}, r2, 0xa, r3, 0x2)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_dccp_buf(r3, 0x21, 0xc0, &(0x7f0000000140)="a297f5da76a8c19eacbd222dae3a8e1afaebd4014dae13c0cf4e6b0e4d", 0x1d)
open(0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x4001, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:52 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc4, 0x0, 0x0, 0x0, 0x0, 0x0})

[  831.601724] audit: type=1804 audit(1578871972.717:3021): pid=16303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir174784256/syzkaller.6RHt1T/1486/bus" dev="sda1" ino=16833 res=1
23:32:52 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@initdev}}}, &(0x7f0000000180)=0xe8)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=0xfffffffffffffffa, 0x0, <r5=>0x0, 0x0, &(0x7f0000000280)={0x4, 0x3}, 0x0, 0x0, &(0x7f00000002c0)={0x1, 0xb, 0x40, 0x401}, &(0x7f0000000380)=0x3, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=0x1}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0x6, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x7c}, [@map_val={0x18, 0xac8f5541992bc7eb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x6}, @generic={0xff, 0x5, 0x2, 0x101}]}, &(0x7f0000000640)='syzkaller\x00', 0x56, 0x89, &(0x7f0000000680)=""/137, 0x0, 0x3, [], 0x0, 0x4, r4, 0x8, &(0x7f0000000740)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000780)={0x0, 0x10, 0x0, 0x1f}, 0x10, r5}, 0x78)
socket$inet_sctp(0x2, 0x1, 0x84)
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r6, 0x84, 0x20, &(0x7f0000000300), &(0x7f0000000340)=0x4)
r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/enforce\x00', 0x4c0000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4214, 0x0, 0x0, 0x0, 0x75fd}, @exit]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x1000, &(0x7f0000000440)=""/4096, 0x505ad73bd685eb3e, 0x4, [], r2, 0x17, r3, 0x8, &(0x7f00000001c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000200)={0x2, 0x1, 0x20, 0x7}, 0x10, r5, r7}, 0x78)

23:32:52 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc5, 0x0, 0x0, 0x0, 0x0, 0x0})

[  831.729303] audit: type=1804 audit(1578871972.737:3022): pid=16314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1312/bus" dev="sda1" ino=16849 res=1
23:32:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockname$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000040)=0x10)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  831.767795] audit: type=1800 audit(1578871972.747:3023): pid=16303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16833 res=0
[  831.793342] audit: type=1800 audit(1578871972.757:3024): pid=16314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16849 res=0
23:32:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc6, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:53 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, &(0x7f0000000000)=0x8, 0x4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x1, 0x15, 0x0, 0x0, 0x0})

23:32:53 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x0, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:53 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000000)=0xffffffff)

23:32:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xb7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc8, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:53 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r1=>0x0)
ptrace$cont(0x9, r1, 0xffff, 0x10001)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  832.311518] audit: type=1804 audit(1578871973.407:3025): pid=16367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1416/bus" dev="sda1" ino=16833 res=1
23:32:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:53 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x2, 0x3}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  832.487546] audit: type=1800 audit(1578871973.447:3026): pid=16367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16833 res=0
23:32:53 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xc9, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000001c0)=0xfffffffffffffde9)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x121c41, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000080)={0x0, 0x3, 0xffff, r1, 0x0, &(0x7f0000000040)={0x9a0916}})
ioctl$UI_SET_RELBIT(r2, 0x40045566, 0x1)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r4, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
renameat2(r1, &(0x7f0000000180)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00', 0x996b8876539056ff)
r6 = syz_open_pts(0xffffffffffffffff, 0x2)
ioctl$GIO_UNISCRNMAP(r6, 0x4b69, &(0x7f00000000c0)=""/171)

23:32:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f00000000c0)=0x5, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000998e49f8600214fc7e00"/32])

23:32:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xca, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000280)={<r7=>r6})
getsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
fgetxattr(0xffffffffffffffff, &(0x7f0000000240)=@random={'user.', '\x00'}, &(0x7f0000000440)=""/4096, 0x1000)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={r4, @in6={{0xa, 0x4e21, 0x400, @loopback, 0xde7}}, [0x8, 0x87c, 0x1ff, 0x6, 0x92, 0x101, 0xffff, 0x0, 0x56, 0x3, 0x100, 0x7fffffff, 0xfff, 0x7, 0x5]}, &(0x7f0000000200)=0x100)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000080)={0x980000, 0x8, 0x8, <r8=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xa2095b, 0x1, [], @p_u16=&(0x7f0000000000)=0xfff8}})
ioctl$KDGKBTYPE(r8, 0x4b33, &(0x7f00000000c0))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xcb, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x800009, 0x10, r0, 0xa0acb000)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
open_by_handle_at(r0, &(0x7f0000000180)={0x6a, 0x7, "924f3485023c705741645b5a89f4ddb6aa77e1d96881d88d699f908aeae2551420bda07c27307645331c5d0ea97d8b6467d61446b361a0d444a9d540dcce82e10ff4a509cdebf00cbce66f8c85ff2b94ca67e928c356ed5107273b11645b7cb9e9c3"}, 0x4000)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000240)={0x1fd, 0x0, &(0x7f0000fff000/0x1000)=nil})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f00000000c0)={r3, r4, 0xa976, 0x7, &(0x7f0000000040)="449fc0a7c16d60", 0x4, 0x2d, 0x6, 0x1, 0x20, 0x4, 0xf7a2, 'syz0\x00'})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xcc, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f00000000c0)=0x5, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000998e49f8600214fc7e00"/32])

23:32:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)

23:32:54 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x4000, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x40003, 0x197, 0x0})

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xcd, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x800009, 0x10, r0, 0xa0acb000)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
open_by_handle_at(r0, &(0x7f0000000180)={0x6a, 0x7, "924f3485023c705741645b5a89f4ddb6aa77e1d96881d88d699f908aeae2551420bda07c27307645331c5d0ea97d8b6467d61446b361a0d444a9d540dcce82e10ff4a509cdebf00cbce66f8c85ff2b94ca67e928c356ed5107273b11645b7cb9e9c3"}, 0x4000)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000240)={0x1fd, 0x0, &(0x7f0000fff000/0x1000)=nil})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f00000000c0)={r3, r4, 0xa976, 0x7, &(0x7f0000000040)="449fc0a7c16d60", 0x4, 0x2d, 0x6, 0x1, 0x20, 0x4, 0xf7a2, 'syz0\x00'})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x5000aea5, &(0x7f0000000080))

23:32:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xce, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f00000000c0)=0x5, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000998e49f8600214fc7e00"/32])

23:32:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xcf, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:54 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x14)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000000)={r8}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r5, 0x5a2a293, 0x7, 0x4e, 0xfffb, 0x6, 0x60, 0xb9, {r8, @in6={{0xa, 0x4e21, 0x7ff, @remote, 0xe4f6}}, 0x1270924e, 0xff, 0x2c, 0xd0, 0x1a35}}, &(0x7f0000000140)=0xb0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x5a, 0x0})

23:32:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:54 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:55 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000000))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:55 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$netrom_NETROM_T1(r3, 0x103, 0x1, &(0x7f00000000c0)=0x5, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:55 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:55 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0xfffffff9, 0x18, 0x1db, 0x0})
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x73)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f0000000040)={0x5, "007cdb6f2a59ee0fb0304175f42612cf001ca6d9eb18c410ec0282e6d306122ff6dddfae00bcca5cc4e96ded00626697f8601d266100203c12edff81a817198603dac3c06f6218ac4bf7961910af019aba0474beea45ee245bdee0ee7f2f87c32deda1caaca97b1e93c8560b0d7362fda42899b2e9f6c1094552147bd9e1e38ea8a0d5e6e168e4c538e525d8c5f1a22106b2efac8c22e56c8ab6f6fc5a1ae8709ee62f312a22c6a5c4b7a536acf94149c56005ec62d8b97e7cf017871805ff2c43c37e25e94b6e3d1814c87ceb69474325d507c2e738576ba4712370482a02ebbf43decce63bd432a1ceeb3f804ad80b9d7c1f22502544ff5e4dae3eda4af86f3bb343ff94234fd88645cf69209d674dd0646138b8651dc9027609732410521414a39987e7610a91ffac8b8b8b9d8083ee375ae5eda7223ad24e9c691add244e830f78f9f6bdea2a8dc1dd5a1bd219810fea170af2bd74f0f6941a039277c20a4a7acda58557aa26cb9c928d41cc66ac5dd00801525e83c54c35e8847feb073434ffcc44ba9eafd1f5fd078858c8877fbf52af8c81c7fe01b332f4f348202b35d15e222c04fa2940234d2cf4943224dcecb27044155bc38cfdf9b5f0bdbed2cef2a941b6f5dfca74417acdb84973bcbb6d022ea840c2da4a706f4ad8ca4f8215a20c6838ed0770bcc6dc9d69888c154037be520fe4c5d170d07311206c58c17f"})

23:32:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:55 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:55 executing program 4:
r0 = syz_open_dev$mice(&(0x7f0000002700)='/dev/input/mice\x00', 0x0, 0x2)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000002780)='TIPCv2\x00')
sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000002c00)={&(0x7f0000002740)={0x10, 0x0, 0x0, 0x8280c030}, 0xc, &(0x7f0000002bc0)={&(0x7f00000027c0)={0x3c4, r1, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x124, 0x4, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ea}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x58}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x661d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x65c2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x429}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}]}]}, @TIPC_NLA_LINK={0xf0, 0x4, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6aa498a5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbc01}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1c75}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x4c, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4cf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc6}]}]}, @TIPC_NLA_SOCK={0x24, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x40}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x3c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x780114e0}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x100000001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x13a6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xc6a00000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3ff}, @TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_LINK={0x9c, 0x4, [@TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe49}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc64}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_SOCK={0x18, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xb126}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8001}]}]}, 0x3c4}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0xfffffffffffffdd5)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000000)={r7}, &(0x7f0000000040)=0x14)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000000)={r7, 0x582, 0x1c, "b74f842d2b5264c4290ef0482d6f9693dbf33ea72717f7938dcb1500"}, 0x24)
ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0)
ioctl$KDFONTOP_COPY(r2, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:55 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd4, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'vlan0\x00'})
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:56 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x4, 0x0, 0x0})

[  834.943374] kauditd_printk_skb: 14 callbacks suppressed
[  834.943393] audit: type=1804 audit(1578871976.057:3041): pid=16577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1318/bus" dev="sda1" ino=17025 res=1
23:32:56 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd5, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:56 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x4, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000000))

[  835.199195] audit: type=1800 audit(1578871976.077:3042): pid=16577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17025 res=0
[  835.297611] audit: type=1804 audit(1578871976.227:3043): pid=16586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir174784256/syzkaller.6RHt1T/1492/bus" dev="sda1" ino=16705 res=1
[  835.333563] audit: type=1800 audit(1578871976.257:3044): pid=16586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16705 res=0
23:32:56 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x0, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:56 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:32:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:56 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd6, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:56 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)

23:32:56 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x4, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, 0x7, 0x6, 0x400, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0xfff}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x4}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7ff}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0xf83e}]}, 0x60}, 0x1, 0x0, 0x0, 0x1000}, 0x4011)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f0000000000)=0x20, 0x8)

23:32:56 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

[  835.718434] audit: type=1804 audit(1578871976.807:3045): pid=16626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1319/bus" dev="sda1" ino=16657 res=1
23:32:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x7, 0x551, 0x7e, 0x54, 0xd, "f86658c938286ee93be60f66a06c5f283f0625"})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in6=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@multicast1}}, &(0x7f0000000140)=0xe8)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000240)={0xb0, 0x0, 0x7, [{{0x0, 0x0, 0x0, 0x4, 0x100, 0x5, {0x2, 0x1, 0x7fff, 0xc004, 0x80000001, 0xfc7, 0xffff, 0x3, 0x0, 0x7, 0x6, r2, r3, 0xea}}, {0x2, 0x0, 0x6, 0x3, 'cpuset'}}]}, 0xb0)

23:32:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd8, 0x0, 0x0, 0x0, 0x0, 0x0})

[  835.917552] audit: type=1800 audit(1578871976.847:3046): pid=16626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16657 res=0
[  836.074603] audit: type=1804 audit(1578871977.117:3047): pid=16641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir174784256/syzkaller.6RHt1T/1493/bus" dev="sda1" ino=16673 res=1
[  836.188242] audit: type=1800 audit(1578871977.147:3048): pid=16641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16673 res=0
23:32:57 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:57 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xd9, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:57 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:32:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xda, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:57 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xdb, 0x0, 0x0, 0x0, 0x0, 0x0})

[  836.502264] audit: type=1804 audit(1578871977.617:3049): pid=16678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1320/bus" dev="sda1" ino=16673 res=1
23:32:57 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:32:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

[  836.658263] audit: type=1800 audit(1578871977.667:3050): pid=16678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16673 res=0
23:32:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x14)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000000)={r8}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r5, 0x5a2a293, 0x7, 0x4e, 0xfffb, 0x6, 0x60, 0xb9, {r8, @in6={{0xa, 0x4e21, 0x7ff, @remote, 0xe4f6}}, 0x1270924e, 0xff, 0x2c, 0xd0, 0x1a35}}, &(0x7f0000000140)=0xb0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x5a, 0x0})

23:32:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:58 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xdc, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:58 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xdd, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:58 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x14)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000000)={r8}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r5, 0x5a2a293, 0x7, 0x4e, 0xfffb, 0x6, 0x60, 0xb9, {r8, @in6={{0xa, 0x4e21, 0x7ff, @remote, 0xe4f6}}, 0x1270924e, 0xff, 0x2c, 0xd0, 0x1a35}}, &(0x7f0000000140)=0xb0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x5a, 0x0})

23:32:58 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xde, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:58 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x14)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000000)={r8}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r5, 0x5a2a293, 0x7, 0x4e, 0xfffb, 0x6, 0x60, 0xb9, {r8, @in6={{0xa, 0x4e21, 0x7ff, @remote, 0xe4f6}}, 0x1270924e, 0xff, 0x2c, 0xd0, 0x1a35}}, &(0x7f0000000140)=0xb0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x5a, 0x0})

23:32:58 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xdf, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:58 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:59 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000000)={r7}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000080)={r4, 0x5a2a293, 0x7, 0x4e, 0xfffb, 0x6, 0x60, 0xb9, {r7, @in6={{0xa, 0x4e21, 0x7ff, @remote, 0xe4f6}}, 0x1270924e, 0xff, 0x2c, 0xd0, 0x1a35}}, &(0x7f0000000140)=0xb0)

23:32:59 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:59 executing program 0:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000000)={r7}, &(0x7f0000000040)=0x14)

23:32:59 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:59 executing program 0:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:59 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)

23:32:59 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:32:59 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:59 executing program 0:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:59 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:59 executing program 0:
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)

23:32:59 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe4, 0x0, 0x0, 0x0, 0x0, 0x0})

23:32:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0xbe, [], 0x80, 0xfff})

23:32:59 executing program 0:
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:32:59 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)

23:33:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe5, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:00 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(0x0, 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:00 executing program 0:
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8, 0x3e, 0x1, 0x1}]}, 0x10)

23:33:00 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x14)

23:33:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xbe, [], 0x80, 0xfff})

23:33:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe6, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:00 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0)

23:33:00 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)

23:33:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x80, 0xfff})

23:33:00 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:00 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)

23:33:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe8, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:00 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(0x0, 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:00 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)

23:33:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xe9, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x80, 0xfff})

23:33:01 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)

23:33:01 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xea, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xfff})

23:33:01 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:01 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(0x0, 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:01 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xeb, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:01 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  840.129731] kauditd_printk_skb: 12 callbacks suppressed
[  840.129747] audit: type=1804 audit(1578871981.257:3063): pid=16918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1440/bus" dev="sda1" ino=16928 res=1
23:33:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

23:33:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:33:01 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

[  840.376375] audit: type=1800 audit(1578871981.307:3064): pid=16918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16928 res=0
23:33:01 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xec, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:01 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:01 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:01 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:01 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:01 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:01 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xed, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:02 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:02 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:02 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xee, 0x0, 0x0, 0x0, 0x0, 0x0})

[  840.951973] audit: type=1804 audit(1578871982.067:3065): pid=16954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1441/bus" dev="sda1" ino=16943 res=1
23:33:02 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:02 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

[  841.135625] audit: type=1800 audit(1578871982.117:3066): pid=16954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16943 res=0
23:33:02 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xcd, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:02 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xef, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:02 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

[  841.338208] audit: type=1804 audit(1578871982.207:3067): pid=16965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1328/bus" dev="sda1" ino=16926 res=1
23:33:02 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x2, 0x3}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  841.611221] audit: type=1804 audit(1578871982.727:3068): pid=16995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1442/bus" dev="sda1" ino=16657 res=1
[  841.649990] audit: type=1800 audit(1578871982.747:3069): pid=16995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16657 res=0
[  843.932804] audit: type=1800 audit(1578871985.067:3070): pid=16965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16926 res=0
23:33:05 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:05 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf0, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:05 executing program 4:
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000440)=""/4096)
r0 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, r0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)={0x5, 0x6, 0x4, 0x2, 0x1, {}, {0x1, 0x48a8a33e3e8a3c14, 0x5, 0x7f, 0x1, 0x2, "68614a9e"}, 0x9, 0x1, @planes=&(0x7f0000000080)={0x7, 0xeb94, @fd, 0xfff}, 0x3, 0x0, <r2=>r1})
getsockopt$packet_int(r2, 0x107, 0x8, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYRESOCT], 0x1}, 0x1, 0x0, 0x0, 0x20000008}, 0x20000000)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r3, 0x8983, &(0x7f0000000000)={0x1, 'vcan0\x00', {}, 0x9315})
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000300)=ANY=[@ANYRES32=r6, @ANYBLOB="7400000020e187df2a2b912a6a0b6e1bc6bb1ab987f90d835298b562692d4903c2688c754f287c429e8670cbf8832afe64de18cb7d69ac4584230131830e8dbaad7dd4ce60ed79c3c5e372b4bcbeada5e4820ee416444334fbd88cf2da730dff525db7120ae428017697a0c32256bc6f386d485ec14bded190de16c02fce41"], &(0x7f00000002c0)=0x7c)

23:33:05 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:05 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:05 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))
socket$rds(0x15, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x1, 0x0, 0x1f, 0x0, 0x5, 0x80, 0x7, 0x1, 0x1a, 0x3f, 0x0, 0xff, 0x0, 0x3ff, 0x5, 0x5, 0x4, 0x3, 0xbe, [], 0x80, 0xfff})

23:33:05 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:05 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf1, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x80, 0x0)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000180)=0x1, 0x4)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000000)='l2tp\x00')
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000240)=""/85)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040)={'syz1', "0f00d4df1f68a5e075ba41306d4292fa33801ddfb0edf681b50da8ca053d00b6c99ac47294a6320ec016e2174ed9bb66ad0080c57119dc56d28cdfe5bf64364d6ca6635e0150586d8cfd20a4e0c0230d292cc13b8d456f509c96c59c51672e47af46d8b6ec0141582ea491bd52c84dc8429e5aff0475fa5e1075be5b95724a8bcdc3c95e0fc5536fb9a26d0de1223bacec06c5da500c51329e48bee310f4a8ac1d30f761b50878f273eeb75820e0b23a0116c75ebe7567511b"}, 0xbd)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000100)={0x0, 0x5}, 0x8)

23:33:05 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  844.217632] audit: type=1804 audit(1578871985.337:3071): pid=17009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir833273162/syzkaller.TqqVdk/1521/bus" dev="sda1" ino=16976 res=1
23:33:05 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf2, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:05 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

[  844.364072] audit: type=1800 audit(1578871985.387:3072): pid=17009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16976 res=0
23:33:08 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:08 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x7, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000080)={0x2, {0x2, 0x1, 0x800, 0xfff, 0x80, 0x2}})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xfffffffa, 0x1d, 0x6c, 0x0})
socket$rxrpc(0x21, 0x2, 0xa)

23:33:08 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:08 executing program 3:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000040)={0xfff9, 0x7fff, 0x9})

23:33:08 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x0, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:08 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:08 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, 0x0)

23:33:08 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf4, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:08 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)={<r1=>0x0, 0x1}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000080)={r1, 0x0, 0x6, 0x8000}, &(0x7f00000000c0)=0x10)
r2 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x0, 0x40380)
r3 = gettid()
ptrace$setopts(0x4206, r3, 0x0, 0x0)
tkill(r3, 0x20)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000200)={{0x6, 0xe88a6c8dcecce3b3, 0x71b, 0x700, '\x00', 0xfb}, 0x5, 0x30, 0x5, r3, 0x0, 0xcb59, 'syz0\x00', &(0x7f0000000140), 0x0, [], [0x1003, 0x8dee, 0xfff7, 0x21]})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r5, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  847.214698] kauditd_printk_skb: 3 callbacks suppressed
[  847.214715] audit: type=1804 audit(1578871988.297:3076): pid=17058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1445/bus" dev="sda1" ino=16991 res=1
23:33:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r10, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r14}}, 0x20}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r17}}, 0x20}}, 0x0)
r18 = socket$nl_route(0x10, 0x3, 0x0)
r19 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r19, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r20}}, 0x20}}, 0x0)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r23=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r21, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r23}}, 0x20}}, 0x0)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r27, &(0x7f00000001c0)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r29 = socket$nl_route(0x10, 0x3, 0x0)
r30 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r30, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r29, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r31}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r32=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r33=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r35=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r36 = socket$nl_route(0x10, 0x3, 0x0)
r37 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, <r38=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r36, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r38}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r4, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r10}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r11}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r26}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r31}}}]}}, {{0x8, 0x1, r32}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r33}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r35}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r38}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:33:08 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x14, 0x0, 0x0, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b01000000000063090b7818cb25d2000000000000000000"])
ioctl$KVM_KVMCLOCK_CTRL(r5, 0xaead)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = dup2(r1, r6)
setsockopt$inet6_int(r7, 0x29, 0x9, &(0x7f0000001400)=0x4, 0x4)

23:33:08 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf5, 0x0, 0x0, 0x0, 0x0, 0x0})

[  847.470819] audit: type=1800 audit(1578871988.417:3077): pid=17058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16991 res=0
[  847.638531] audit: type=1804 audit(1578871988.427:3078): pid=17061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir833273162/syzkaller.TqqVdk/1522/bus" dev="sda1" ino=17001 res=1
[  847.672516] audit: type=1800 audit(1578871988.457:3079): pid=17061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17001 res=0
[  847.883603] audit: type=1804 audit(1578871989.007:3080): pid=17103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1330/bus" dev="sda1" ino=16938 res=1
23:33:11 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r1, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:11 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf6, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:11 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x16, 0x6f, 0x1, {0x1, [{0x80, 0x2}]}}, 0x16)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r10, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r14}}, 0x20}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r17}}, 0x20}}, 0x0)
r18 = socket$nl_route(0x10, 0x3, 0x0)
r19 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r19, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r20}}, 0x20}}, 0x0)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r23=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r21, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r23}}, 0x20}}, 0x0)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r27, &(0x7f00000001c0)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r29 = socket$nl_route(0x10, 0x3, 0x0)
r30 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r30, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r29, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r31}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r32=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r33=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r35=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r36 = socket$nl_route(0x10, 0x3, 0x0)
r37 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, <r38=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r36, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r38}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r4, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r10}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r11}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r26}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r31}}}]}}, {{0x8, 0x1, r32}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r33}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r35}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r38}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:33:11 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x800100}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x9c, r1, 0x20, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3ff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x29d}, @IPVS_CMD_ATTR_DEST={0x58, 0x2, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x200}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x400}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r2, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0xd, 0x0, 0x0, 0x0})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$DRM_IOCTL_MODESET_CTL(r4, 0x40086408, &(0x7f0000000480)={0x5, 0x7fffffff})
ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x1, 0x0})
ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000440)={0x2, 0x0, 0x20, 0xe, 0x118, &(0x7f0000000000)="7c4f2a81a4a95c9bf5f2177b427cdf16b78fdc2fa1afc9ab283729bd2d01a221eae9a413441d30817f8b0ba9a748f39c278181789b3eed82fbbd3ddaa01c47ffbe46925691330cc3284657ed6b13a77d32c8f51a417bdfd3cf2be23602915d3d77ffa1025fd1f0212c77e2493ccd69db2b46f3fe72be6d4e1eac2fba11506161578b20bc88ffc792139500eafdea4faaddff42630c796601ce28e486dc1a5dd13de399fb9e27081ff87c9aee0d781d23b28ca79040c90e8c1ff6235a0ad5413ff2effd82163ef33b4a3ca6eb662e9aff2a916ddad042906ceba816bed83f58e902fb63a462f4742a04d4292584fa4833602edbb08865a13a36803c469e0e46fddde8c68b8e45057b1b8d725ee4eabeb68a669e12baf79141bb59b278f42a0f902c80ff1f1f756f7eb0582a00690c8b28297e0bb26ee7a490151ae57aa2ae1cc2b72904de3a046206458ce96ba59a160121c27fd7d837a4b75fa7014d7bb13e51b83d9b178a54f54ff8aaede747eba4ba793badf562945681a2d31d3802a16edac4ae8e9763904198f0577e6b3f4dd849f195d113bdd2b5fc82fb83aef575cb03054319cb35ad819cc49f252933bc24792cfa7315f6ec75ac064ea1f72a31f7c16cc13b8ee2442c35828a2423117a3613fc08cd6485384ec787c8bdef52c142f2361dfb148d4a97e29f01588fd6f324e4ed278862a3dda5f8e87f758a7af6afd74bc1ed2791f060abf64b20f9c39fb2982b711b3a4d9e81a18a8e3c9c0f8a5ca6243f887297ea58f0633cc4a8e3ff56a54de0028a09beabc4557d087dab09bc2401cd8e6026c6db8b436a866b960a82db45b756a511cef1945d7e504d613f8e93514c44248135d29aa9772244ca5bc8f6e0946c3cc653001e8722681ae8e90d8fa31d4ff2129316d60dad7dc581f53e965c46272ad550123d562d321f87874c968f84eb6247ca95dd43d9e9efc19df2fdccfb5d5a46148050c8a7d628bb90f99b79cefdd2e7e70ea223e997dec4930c23075fbfad4c50934ae2b244367372db8e9e1cc456644cca625d87b3bbd9a16b1ff17881088df44c650b848834aa34c461c78623268aacfd9e74826e8202981a6163f2512ef0a07d80a219a52ace05dfa48829f4317840d9cbdd307aa2cbaa898637921958b5275643987afa9de83be958a0b084657e7de8af987ea28c78f43c1d52dd7d17c5c801110b80b12479dc075fc40b43e4eb16490d22cfdc34371ff519f9ef5efe1b12778ef35cef166edaecf477e0b48cb136d1b076b222d1277312360eafd0bddab7242bf0f2281f739db7f6bf6125612e375658c93f99d7b99e886e590f5cc499ec81f584442764a1ffeeaa3a6712e7af3c6478fbb68e1e135f4b73d626c35f663d69b07641229980336ed1d296f6223e8ee884a2601e84834bbbcd236f30822819494d5de135a830a4a570"})

23:33:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r10, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r14}}, 0x20}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r17}}, 0x20}}, 0x0)
r18 = socket$nl_route(0x10, 0x3, 0x0)
r19 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r19, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r20}}, 0x20}}, 0x0)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r23=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r21, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r23}}, 0x20}}, 0x0)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r27, &(0x7f00000001c0)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r29 = socket$nl_route(0x10, 0x3, 0x0)
r30 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r30, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r29, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r31}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r32=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r33=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r35=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r36 = socket$nl_route(0x10, 0x3, 0x0)
r37 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, <r38=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r36, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r38}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r4, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r10}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r11}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r26}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r31}}}]}}, {{0x8, 0x1, r32}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r33}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r35}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r38}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

23:33:11 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf7, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:11 executing program 4:
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000240)=0x1, 0x4)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nvram\x00', 0x200800, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f00000002c0)={'mangle\x00', 0x2, [{}, {}]}, 0x48)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000000)={0x7f, "b0a0e2ca9bcc5473415af76ee6263d1b7037075794e943a661300ba83e324b0f7dd1c35af34c237f67cfd62ed455f3f804823cd8f0b116b73a632631b128c85a24598ca694424066f4b73cd99d411099a10c20c2ff28b77be2c39b3a6d6e49bfafec02f2c6c100bb54a37dc1b70547b4caedad0e40c56e482fe189b1e1b0ef333f8f47988953a5f06e27c1cd3a30b309a23f90b91c0cec51bd1890703edbd7a8b9ebb9d571ff19f3c6a8b064f00a79857c2949fdca39ce7205e88eac06c2a8d8902a0637bb6f41953e1520925ba383c93d76d07872d6cb616295e80d1f0730295cb2fa9d09cf5e45f50c2e6c065abb1c315fc0fb90be3de4475a20e4e266aa70d90f44b41b74d10d9709134b4e8096b790645aea5362ea2a87d24a19f0ab646d99929925bdd85c5f640641e4b5bebac6025100b7e7e65dc0ee1d6323c6ab8ac9b54114ad989fb0871ddfd3862570f6a37f37cfd8da6c7a5291033c88b8142d22afc530f8b122bfcf30bd0c58195e41b654276aaf6fe10c34eaf3aa7537488f7bc8eb9b5adf64369e4576edb1d8e504f5aa75c17e36833ebf7f6b8a0378f444e03d3024128aa2b1848f2b316033be3f1fcc7d0f883f8b3cd4c755b7fd4dd9654a220343fcdca45eff88d96efa6fae4fdb7cac20fcd54a202b61a319a3a9f804d4c064995f781542c9c5a7c28e6239c70ed0d5e0bde79d893ad2d5822b14aed6d2"})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

[  850.858991] audit: type=1804 audit(1578871991.957:3081): pid=17119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1446/bus" dev="sda1" ino=17021 res=1
23:33:12 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf8, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:12 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x1, 0x14, 0x0, 0x0, 0x0})
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000040)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KDADDIO(r0, 0x4b34, 0x8)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)="5f987ac4273914e65f7a", 0xa}, {&(0x7f0000000440)="a0ce9cdb7caabb1e24cad05b8055a1e97b040d11867dcbe9c6f0d44dd0b052c7feb1337439c32a506b482320d3eea9a7897818d88816c4f4324eb2f46830ef12b34f87c1d8f506c0e373c1e64ac700f987f61dd3cb07f4dc4024de8e9709069c6474e9f80c97fe8f7f162d9131a2d6e8613a7816dc16fc45eb1d84f3c43e1d923823844e7801585c380a902cebeb3681419ab9110fb53c7ebe16627320e160e01d17b7d7d38b00ee421c85508ea775362ffb30d3a23ecb86626ff5508bb1683096451398e8e1f81cc3e7cda4e5047ca3016a60c70c315c53e8634e144007186f0da9ab9c0d0a03c87d9193c1996219c81e3ea7a79df725830c8370ee81ab832038bb8ca8952fb14b433842ac6df8454c7da32751e9b201654ba803635e6830bb3b6f7e7fe8a42302811bf287be93e130875b3c17664c731e130ff9108c76880a2a8899a6d334bec501ce9c6cdd56384e41857481fb0965a8c66db78bd6c27aad9fc0b0ddad003cb869c1d97e518c643425a211a88a472dc749f9935a6ed8429855cc04f66abf04d9bc310d4635ac27b4f3cdfe82aff2542217245c550f6f139fd1a41ee0651091901ec4698931ff72b5c90104065c17caa239f69d6bd3314f12820a5e67e69b6355e3381dc3ba82aa6ff914ff1b9fbbd36f87bae4a5d8ae1afe9de3ea1109c352b2ab5b128c06b73782bc30e926a5c244e43b7b38530f818b7f89c84d73c770cb6b4c09992ac3ea55e7f976846acf915a4563b4e7fb94dcbe59095483e92c89ad42ae9b4ea02eec2ab05b25a7cea08c197194de3b1a0c8bcc7873e5e19c21e3d2114c15c0a8eaa67282b534e83121985bf7dae82d172aab79d81cde61f02cb6278a7296c837e177acf6b1add2365b78e902a93e0eaa2fa45462e658164a6cb59799106d1966481880cb116ea58d0d2fb437286e25757625bfda047a8ed678b6b33796d80ba71d0f689b96ee77eae859ecd1b5fc530193379bd629b3f9109e5ba749b96787cf0daa1ab04dfa213a7ee3e14f73682ce202d815e3937e62781cf7170b7a18e6cf910f305c9956f5f9c6464110c90dce336d679854997408bdb1a6b18601c0ccc6fa84b7ba7ab99cf0b193f72edb415a25db2b1aeb2d0d0f6d4cc7ae1e2d3058cd001080c0c46a1b901b88dd96a6fcb08ea7475b375906c1b4d9a354960328a0d47c2654ebb61a8c7e944667df95bd0441546ec7aa3e41dd7d60d2e39e2f1c949a1070f8f77b442f4aa22d1b733376fa27a01233e8652f2cbadb7e7b6b1e9bc5cd3d10d4dbbd23707c96dfd4aaa8097da5ddd122aa54aa1478c1cbf5b505c5db02ccaf73016079fc89e0de5e79a54d64e16a98bc085c47cc25ea241256928f7ba58df76cc1783b5b8457cc23f1424cc1f6a75042707d52f18cfa82bd9d8081ae618e298d09b09100126b711a2f2fd76df53ea5af0200b8375a0958d660d53297ff32df1c61569d7a64d47b49eb7d9f2ca0f84a9739c5d820828b14e8db66f80414a8869b14ff2c29ae291f3735d911d6307c1b0f1da3af7c24536d3b88f1b888b745dec91868422d67771d888f123b7caf5508a5ddb4038d54ef5fb2b3e92ee7c72ca955c121c3acac0ebb18465317172977cec9024bff2d5cd35070c90f81162814cac28e0d0dfecd46f4f0104a59b5d258098948c19ebf916069f021c069b2684c4f54d7df3ddc35111dc2cf9e32dd06ae46888fdfc16929400869d10f6e854659168e6db52e7d279ed426bb95a139ab49e15a521a8f85c83aee65335e5cb30a0e271c54de23dffebbaeb9e50ca5f625864e0492843f6879c91ea9b0073a7e8b05a74145f077a21fb4f6298b5c28342a37ceb6461550ae19c07cc40252046f3a4a13fbe534e6139e666c635c4392da07edbd6a2e9262a546a6412bb14dc0e06840ac77a97498a8436a957d0496bfecf61edd33638c7000de0d29a48a50de0177340dc2209750f43ee7e68d8df44353c3f3479583ce3031f874bcda4577abe41839f78f8e6c678f48e5b0e616c6c00fbd7070011c95cec2d7709b8af339ea2e32f8adf43f624e1d54d8c74985dec5ab06d613fa9319bdba3c08f4bcf2eb32cded76a63d03d40f0b0c565b7b9c470a9525588cfef49de2e859a61a4045565b6e76bc1ebd17758a0b1ca70e990e3cdc0290db31d270fef39ca1c9b064bfabe8a8c3d5f94f650b81c8495827974efe6c1ce823c2af9d8dbd9d8d44c64dbc1ad8cdc122a38f2f8171d405e5e36d074e13fa168a8c83783725720d21230ae3def2f369317ac71ac0937510b7c0705a88bbb61f0defae7761abf3b29b41f553372dbf1fd63b3f890107d5d45a5614212a7d7efac1cc4688f9b7d37f53d0c1f486f958fb498e5b94b0f7df5a18abf2b3564ddc60334814323de98ce3b52039d8cf4f77559c39886a5fc23539f5f92b9c2fb599843a9d8aa843f0a20db38b7b32b3c58dd8b02cd51c56c569c9f7213b0f09035b44bc3fa98903016bdf5cc6258b1d5d32aaf01a1a0c019baf2f4d972b8a9e0c2dc77f45667fb6351c6c86982f5a78ef444edf3008b2aeda29adbe8c8002f288ee57095d892e2674aa0951c1f9a7bc84b275ffb22f65cb0be43b626b82e25d538316a37cf6a9be06390ef44b16cc63011d093ea6e0619c17232ebbdb091689d4187ab7350c4b5a290d3e2f607178950646bbc74f359fef03cba7a9c5cd527b6b58f6ed8c8154d9af2095511f58662699b7c80dbcb17b6e0c5639ecb62d0586610045b9b3bdeef7553d859b435c407437b51c0dabf189cae62cf7783325cf97bb469633d09c15da5fa1436299847b7a312cce91fdbe21f9372f8af4411970750788801f45afa34d88bede86d166b2baee1b953b4bce15f09349508f43ddec4b2d1ba21af237afdac47220cad78b6474cc3f25747484c8cdd489f434cf1d0e2024f51b62dac3226f681731a17b7f6c35bf7664fe46615d3e32800064cd5e40b152a90a01fea7cd48b4648b56a2b0d83dccc9403560946c34ca23e01d8e5953a86592f93a1117df5438b8eddf209bb4fe3298ed73069a17cc23736566c6af70e4b2ef6a7e77ecc25c8d910f6ef681e82b492d7a9a7dbb02c5aeb50679be26a77a21b041559035e9a0e119785cf69a0bf87acb31bf80ce7d816d66f5450c9ee5fb2a57c30cbc225335be99c7396d865dfd57db1cd1725a9e1db033fb9977bbaff8f92bee9ad885b7d9ccb7825ab6359f69ce02d20f7ada5f9b2ce2d68a7985bd00964f4fdd507e0bfe7d76ff71c81bac3bc282b8dca35c967110fd671af574ba190e5079c3ff1cc8b970e23d80af01d1d4aefca54837f61ae8d9320f53dc8a886f900333a4a7d0645fa911ddc78a597b9ee4fc9a251b0aa868f8e3b123812c4ee56b9449859be04ba25036a9784de9d143edb4722943c3c5ba7de5777a5f228d3dec89a24bfd35c18c772cc4265f6e6bf49727ef1daedcb7cd41c9f37af0d9df3baf60d0f791277a09febdaa51908b8aa9972befe836f2d100c410d554650d23e010f48267cccb28a78eab9556b78434ec42e61e12415b12570065428c06bf01c8554ec9a852c7344d3e45851af2dde248b0c139aa4b53f4c43005a33888bbbc016a13bb85cc69d2b5d9b17e19e7b9f9f5b5b35cfacfd949f12b75ee329698b3688159b58979b936f5125360019f71efec46dde177822115ffe8fad67f992076d85d2f1bebf8db43a2a6b7b8e0ba8f45778b253f7e72bdc0f8a8faa020a576a4a9ba87178c5ccae46cda19ae89aee5a11b249109bd0a63ad202c456b78965b0af53809174ced66322ed1af87f2facb574cb45188e9ac5b73f30c779192849f1fbd9ea229edc47b256b31cd1f952bc817ac05ef95318bfe5b452cdfda39aae433f03b91650000154709b9b2eff6ef1a0b5678fe688901e3984b1af3115b052868e6dcac6496ff04b89fe810d3390eeeea4bf6d0e84664558de30344bf44419a5803f9f217c9df34f3d6dda8629ad293b436cc9bd33b544aea3f1bcef78ab7ccb5234d79bf191d230f078af2ae5cb8f3950a439e2a28e417d6e6290decd7bd4e6ae8183477bafd39fbe2b76a558cb4388945db2f3e96c558766f857c413166778fdbc6da0390fc7ebc3e6ea76b693b51b2672c7363bae8f33cf56a4233a4fd69ffb06b9e5408dad21d1d0269c51b79672fb8f2de514e43074e0b60e003637d823be850e7f52fb911ba1d04e93f1beb003e04ba38c844f76de31d4fe3f0a0c279ae82414f743011d7a0ac7bd65827227c2721a5adbba9c4c5cfc5ef312d4f187c58f8e01a4965bfc26f0f78df1a70c9711c000ecbc91272b7d1f968db8bc412ee2a9aabc6c77a6edf5f8ca0ad954fcfcc43f02ee9da4dbcb135b8e6b3fdc8a7f673c42b4f029f077cf179eab024ae0eebb8f70a6c8c0075307a0f6ccd7fb41cbabceb580d467df01964142cae28dfb59f971aaa51dfc30df2fd2be75ba2dd48713af35897b50aff970d4f21039628eb5f6d458f23d5d36a4570e7b35dda0102eeba34c0e2fddd731fe84e48ca44d316ed55468d4d15d62af0d20517d8e95e3bf0408de70dca4a2986aaf4c319c1bdf3c2fac60e906668ec79096217a509e49290aaf88bd1c4250fdcdabd36fe6c9e866494d2134a0d7e94bef7ccf1e74eee832c72602bbcfaa80ff7f4a1757624271b70c80c496803f6c033b67c8709719f10e92fbba237b98d8d972303c68871b68d299a308940f85378c9248c6c7be6403303bc7f8194eadb6303bbef6ad6a9ece2b34cecc393d904839fc80b6dfc0c2ad677d294a46e028b042dd0622040068ea30705b3bb4153abd37efc6858ecf269790da3910cc21bbff801c8dbd44af67570fca8068f2cd30955ead7291d188e4df5a083babe4e3cf3f6794cfada61b992f598f9fdd2eb0ae1f44a06115c34a2012180d66d7a0507131025d2896f6d659e97c5351cbc26a48fa29ff62f71054a2735829ec0a1122062e6a8b8780a820f453645f8d66cef8cad184bd144006aa26a08851500706852e751b1dcf936b702c856b3e5643e7d0a3db05e03548178daa1aa565919f43f97bd077b50ba66c6255d9f4eede9f46a7cb0fa70b572e7b72834303babdb7ffd70092a1976a062c4a309bd5b24612d3c3eaea033c8aa209725c2683bac2c070cf998c7f3ae40eb876dd69bf378e0606e817542d627393eab04187ccda1b07983bbc28a320a9d15ee3bc136bdfdd27ae70fd7702db9af8fd1129e6be3c1d35592cbda864664c2d942c69d39ae978e274b4fb1237188b9c85916d54cb283510a1969fbfb595e32c0851457a0b99b81bf59c815050e50bae5124aae0fd1b98eb37231a327b0ef1733072e3587a2c72de477e68aa8568f6bd5e4841133f07ab9b869cc00cc019a190f443db8585dcca34d863f7dd723b6f4d21f153db99740cc7209c734c45a53c66d4335cd64a41d67a95aa8843611dd675f70abb8ee494778bbb9908c8dd42eeb705456af99c40dbf268c7c05c821e66787b1b2263630bb501e28e54ea595d43d2044bf41333148f6950b03bacb7d6f364a5d277dc0cbaf1a1819fb0e0c65daeec1b062914217fd2af171d6348baebe7619fc2f6fc5f23c7e6664c272db2b1c248538bef551b8d084662f974f7a4f52d1bee66d9d150b433cfc29d654dff3d3a9f9cee8b9dd52653e935ec53c79f7c1b71fb2ef8d65444aa743da19c116cde92504db87baaab7d848ba867b868efed90c30c25523d60b5d867b216add03f55169cc8f777aa92cee4da4c34ac04ad213f74eb2455f392ecb46a855994fa2aaad", 0x1000}, {&(0x7f0000000100)="bead03efb3fcf3169969d4bb8ac4ccb86a6a4f0265bf7ac9bd8e2def89e8ea6fb5e2fde620b4684866a8d75f192f5613bf5e35aec57d27", 0x37}], 0x3)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r3, 0x80184132, &(0x7f0000000080))

[  850.945675] audit: type=1800 audit(1578871991.987:3082): pid=17119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17021 res=0
[  851.000951] protocol 88fb is buggy, dev hsr_slave_0
[  851.006203] protocol 88fb is buggy, dev hsr_slave_1
23:33:12 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xf9, 0x0, 0x0, 0x0, 0x0, 0x0})

[  851.080578] protocol 88fb is buggy, dev hsr_slave_0
[  851.085736] protocol 88fb is buggy, dev hsr_slave_1
23:33:12 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  851.298697] audit: type=1804 audit(1578871992.417:3083): pid=17153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1447/bus" dev="sda1" ino=17016 res=1
[  851.386456] audit: type=1804 audit(1578871992.497:3084): pid=17149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1331/bus" dev="sda1" ino=17021 res=1
[  851.463120] audit: type=1800 audit(1578871992.507:3085): pid=17149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17021 res=0
23:33:12 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r1, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:12 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xfa, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:12 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000000))
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000180)={r6, 0xffff657a}, &(0x7f00000001c0)=0x8)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r7, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
fsetxattr$trusted_overlay_upper(r9, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0xb6, 0x2, 0x1, "cbf98cbfef3dd2f7eb39a94c2ca1c3d8", "f30388c34b1a2f135ae8141058b98030a595ea77866b39e392dd582508bb75467cec5c60214c84e1369a85b65b3a9444b4199d74f41e7b463cf1d17ba52590768933d7ebcb241b508e2b0b29497e8c8cebf534fd88c4168082a0b16a801c965d035c781ae18b58e88ab9a6042b2303b0916c1e4b208bf7cff715cf6c9b15d1a9b70244d9bd3ee0b3552f5a0c80f684cda4640ce95a5ab236cf595f513ca3bb368e9f7b8337cea65dfc2a3d0a09af19be4a25801e3fecd57dd311ad200f135e13e54bb6649c6fd224631b595fcc01c35cc0399ea7373dcb68d77a8bd0"}, 0xf1, 0x0)

23:33:12 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r10, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r14}}, 0x20}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r17}}, 0x20}}, 0x0)
r18 = socket$nl_route(0x10, 0x3, 0x0)
r19 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r19, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r20}}, 0x20}}, 0x0)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r23=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r21, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r23}}, 0x20}}, 0x0)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r27, &(0x7f00000001c0)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r29 = socket$nl_route(0x10, 0x3, 0x0)
r30 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r30, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r29, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r31}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r32=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r33=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r35=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r36 = socket$nl_route(0x10, 0x3, 0x0)
r37 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, <r38=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r36, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r38}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r4, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r10}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r11}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r26}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r31}}}]}}, {{0x8, 0x1, r32}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r33}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r35}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r38}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000080))

[  851.724023] protocol 88fb is buggy, dev hsr_slave_1
23:33:12 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xfb, 0x0, 0x0, 0x0, 0x0, 0x0})

[  851.802074] protocol 88fb is buggy, dev hsr_slave_0
[  851.808755] protocol 88fb is buggy, dev hsr_slave_1
23:33:13 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xfc, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:13 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x400000, 0x17, 0x31, 0x0})
r1 = add_key$user(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x0}, &(0x7f0000000500)="608f1032d65e96203b24856d511deeb124c107a1f53277c316e80816548508a1ccdd8c46725316a4a750fb78f81c69675f446fd722367bbeb1775679a86b15fe332fac9732fad2a3a4bbdc4c621ba986eb546319976cdb3c23f0a8a598c6c4dd9593e181737eecc98b28b6bb4c", 0x6d, 0xfffffffffffffff8)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000580)={r1, 0x93, 0x5d}, &(0x7f00000005c0)={'enc=', 'pkcs1', ' hash=', {'crc32\x00'}}, &(0x7f0000000640)="c1da8c4facaf8408a7ff6ee98ec7e8b6eabf65c796c26add8d943e8fe3f7e7af1a39bdc19ff1dba9ee63e7d0ee8b50ed42914515e73ee30664e1d8da581335ac01db04863fbe740216c72e10ccdfa34e298a78c695e54fb895712c53cbcde6ce4e152259b602ba6c5c2cc925e37dd8dfa3571606ef6f93eb26ecc18a4c28542370190f857d9c8ede2ca91a7e355b0e4597e0d2", &(0x7f0000000700)=""/93)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f0000000440)={0x11f, 0x4, &(0x7f0000000000)="3484c66fab1df6cdc0061a65231d818dff0822e0c85a315be6c48623fd009c803313f27ce937c1660a82256041e7aecadffbbb6140d3841ceb311dc2eb096ac1b9ed54c6b01ac2af719a6614b7ca69d00c0c160823ad896326960f0c3b208e0d1ae383ad7629b59b0f5ac56468a1e02f88e0353073900702c3d33a5618089178f5aa10500bdd946f2553040399af02666eca5f1b3184ef24e7d63b3ea6d17a504b721905e60bdc21bcbd6c74dc25c62b278a73597e058befff3ea2153c653cb06d688ed5819ecc007b43aa4d9f2b6deadb0a1a7c6eaabc2e6382c7dc56aa6d9d4e906cc661d3e3edf4f01ab2db8d26af70b48279219e4dc5f566e53f3ab9fb835896155bcfd896c3b1bb2f8148ba109b98551d2453b73ec7149e97ec21b088c8925fcade348bed00c62c9704324cd94fbfbd895f1175c210272123df63c8e9f429462c80074c17dd205342d9acd8710f9b1ea69a464f70a897a00d079844df72b276cef7bcdcb8733f1e6d6e7a362c92f3b75ebded90316c0f88420e42968a21c6f6351eb23161ef668011cd7b90875cebfbf72b24eaee8b4d110bcfbbdcd28f7a514f39890a7aa9d990e71e19bc499e542dc7ffd46f3774a793f335ad6ef6c3cf076776eacce5794d10291346342c5ad5ba76c329218e047edd67eaf9e209e49857daddc3a7c94a0f1b51b8c091f11f9f6e171d3e47e325bd74d51f998b3e5f33aa6739bdcb928d7d1b52855181ef75330afd9f0c0eedc7becf2271fe784613232951eb3c31584eb6ded516eb19bcffe010547c26012d6cc0853cd835f93246607299ba792009de024a807a7ff14204115cffd0355e0095dc6c088b05f8faa594628e52b73c1d30afb10630251ad2de7bd5569652ee379f37c6426a6f17b660a5e53348f5aff73bef35e984f6f160691d825775f2374d4d218442fdd6e65240493fc2a746e6996026b425c39a25addf9c905a72e7136ea03fe99d233fa7c96382d7db3e28890a47ce6cf75bd78d9d7fa40438da07f1cfa84c8766421bd8ac2104e60b82a1bd91b35882e1019afb4878aef8720b62b3ccb1214a5af8893ae23c91b873fd291a699fe229e9b14460b665e9a603e53e48ba91cc1f318eea8d325cddc1df7f3dd80e680a691cc19d6c62211d3ea5c096f95fbcd07dbb2cc058b60b904dd7b64f0aef225ddb3817655ca8a2fbe2ecba59c6e6fe44e78aba347b749a9a26b8cea8cc22b2510cee5045159392fbb186e109f60332cf469e27e1aee3643e45b48a2240eefecccfca75b64866751d2f4545beb7c01f5d13144d4cdfe68ab04a035ec109156ea0635defd648f6ee5ff0da08f7b68f310033bcbe0879975f556b88164f9f87aebfac5717596c39bd1ae195c9cf59f61acf117b3af261af6476d923ea0b69e136295e55e2d2a334981dfb112f6d8f49dec563529cdd6d8bc3"})

23:33:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd, 0x0, <r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r9, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$nl_route(0x10, 0x3, 0x0)
r24 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r24, &(0x7f0000000100)={0x11, 0x0, <r25=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r23, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r25}}, 0x20}}, 0x0)
r26 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r26, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r26, &(0x7f00000001c0)={0x11, 0x0, <r27=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r28 = socket$nl_route(0x10, 0x3, 0x0)
r29 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r29, &(0x7f0000000100)={0x11, 0x0, <r30=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r28, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r30}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r31=>0x0}, &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r32=>0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, <r33=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r34=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r35 = socket$nl_route(0x10, 0x3, 0x0)
r36 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r36, &(0x7f0000000100)={0x11, 0x0, <r37=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r35, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r37}}, 0x20}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f00000005c0)={0x69c, r3, 0x20, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r6}, {0x1c0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x2, 0x40, 0x5, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xd20}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r9}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x3, 0x2, 0x8, 0x101}, {0x1, 0x4, 0x6, 0x7}, {0x1, 0x0, 0xf9, 0x96}, {0x9, 0x0, 0x39, 0x6}, {0xff, 0x3, 0x4, 0x8}, {0x2331, 0xeb, 0x6, 0x8000}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{0x2e, 0x6, 0x90, 0x3}, {0x94, 0x8, 0x8, 0x5eba00}, {0xc10, 0x89, 0x2}, {0x2, 0xa8, 0x3, 0x80000000}, {0x503c, 0x5, 0x1, 0x80000000}, {0x100, 0x9a, 0xea, 0x6}]}}}]}}, {{0x8, 0x1, r10}, {0x270, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r13}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r19}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r22}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x88fd}}, {0x8, 0x6, r25}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r27}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r30}}}]}}, {{0x8, 0x1, r31}, {0x10c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x9b}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x54, 0x4, [{0x46, 0xd, 0xa2}, {0x30, 0x8, 0x3, 0x1}, {0x82c2, 0x20, 0xdb, 0x401}, {0x1, 0x0, 0x81, 0x7de}, {0x1, 0x0, 0xe0, 0xb6d}, {0x3e91, 0x8e, 0xfe, 0xffff}, {0x100, 0x3f, 0x0, 0x7}, {0xf9, 0x88, 0xc6, 0xfffffffb}, {0x8, 0x6d, 0x4, 0x3}, {0x1, 0xc8, 0x3, 0x8}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r32}, {0x12c, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x5b}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r33}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r34}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r37}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x9, 0x7, 0x8, 0xfffff801}]}}}]}}]}, 0x69c}, 0x1, 0x0, 0x0, 0x84}, 0x1)

23:33:13 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xfd, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:13 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r1, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

[  852.959749] kauditd_printk_skb: 3 callbacks suppressed
[  852.959768] audit: type=1804 audit(1578871994.077:3089): pid=17210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1333/bus" dev="sda1" ino=16865 res=1
[  852.999310] audit: type=1800 audit(1578871994.097:3090): pid=17210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16865 res=0
[  853.082314] protocol 88fb is buggy, dev hsr_slave_0
[  853.090432] protocol 88fb is buggy, dev hsr_slave_1
[  853.161906] protocol 88fb is buggy, dev hsr_slave_0
23:33:15 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r1, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:15 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x19, 0xd9, 0x0})

23:33:15 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0xfe, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:15 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  854.215433] audit: type=1800 audit(1578871995.337:3091): pid=17153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=17016 res=0
[  854.383240] audit: type=1804 audit(1578871995.507:3092): pid=17227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1334/bus" dev="sda1" ino=17028 res=1
[  854.593504] audit: type=1800 audit(1578871995.587:3093): pid=17227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17028 res=0
[  854.678679] audit: type=1804 audit(1578871995.637:3094): pid=17229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1448/bus" dev="sda1" ino=17029 res=1
[  854.733873] audit: type=1800 audit(1578871995.647:3095): pid=17229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17029 res=0
[  854.818240] audit: type=1800 audit(1578871995.787:3096): pid=17174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=16737 res=0
23:33:16 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x0, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r27 = socket$nl_route(0x10, 0x3, 0x0)
r28 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r28, &(0x7f0000000100)={0x11, 0x0, <r29=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r27, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r29}}, 0x20}}, 0x0)

23:33:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x102, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 4:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x101000)
write$sndseq(r0, &(0x7f0000000080)=[{0xb4, 0x2, 0x0, 0x1, @tick=0x6, {0xf7, 0x81}, {0x6, 0x3}, @ext={0x33, &(0x7f0000000040)="bd731e1538cbd11de1f7a93f114c4911e57c72098abc200d5b178b89a9d57143864cc5dba9f497c10fb32a7e1d9f7ec305e074"}}], 0x1c)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0x8, 0xc2801)
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f0000000440)={0x0, 0x1, 0x5, &(0x7f00000003c0)=0x8})
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cachefiles\x00', 0x0, 0x0)
ioctl$VIDIOC_G_PARM(r4, 0xc0cc5615, &(0x7f0000000280)={0xc, @raw_data="8659d25d97cd6e828e8b3995e53eb2c2711e3ac8a31eaeafae66d1b32b27ed22ce58635adfc7bd9a91502ade932dac7f10eeedc37766daf44bda0126f777692f57627102bf8fb9557e3b19cc70be9901399067033c380462be81967a5d7382325d9fa314eb2819b3fa7303b5b4456525a1f7bf814c0226dd5b1c9f24c3eab2c5e2af252f6ef9a89a8245944ca2db02ac1170d25fdceeca0bc67c3961cc1783c19256afae302b52d6eb9b29312cf81cfd03929cafe9cdaaa8ef8a52b03702bf15413156eddb7c9ba9"})
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$FIDEDUPERANGE(r6, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="627325917b3b010500507a73772bf598760000000000625d000000000000", @ANYRES32=r1, @ANYBLOB="000000000100"/28, @ANYRES32=r7, @ANYBLOB="000000000100"/28, @ANYRES32=r8, @ANYBLOB='\x00'/28, @ANYRES32=r9, @ANYBLOB="000000000300"/28])
r10 = dup2(0xffffffffffffffff, r5)
connect$nfc_llcp(r10, &(0x7f00000000c0)={0x27, 0x1, 0x0, 0x5, 0x35, 0x1, "26957466cd5f5a5da051967c0a8da3bb691895f7f73ae9ac5dd083fea5b2950802eda769f75b575ade4972dd9833f74dfb85a93fbf9a247d835b54aeeafb0c", 0x1d}, 0x60)
r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r11, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$sock_inet_udp_SIOCINQ(r11, 0x541b, &(0x7f0000000480))
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:16 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x14, 0x0, 0x0, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000007b01000000000063090b7818cb25d2000000000000000000"])
ioctl$KVM_KVMCLOCK_CTRL(r5, 0xaead)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = dup2(r1, r6)
setsockopt$inet6_int(r7, 0x29, 0x9, &(0x7f0000001400)=0x4, 0x4)

23:33:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x103, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x104, 0x0, 0x0, 0x0, 0x0, 0x0})

[  855.191627] audit: type=1804 audit(1578871996.287:3097): pid=17245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1335/bus" dev="sda1" ino=16657 res=1
23:33:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x4e)

[  855.321501] audit: type=1800 audit(1578871996.357:3098): pid=17245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16657 res=0
23:33:16 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:16 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x105, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="010000b8", @ANYRES32=<r3=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={r3}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={r3, 0x6}, &(0x7f0000000080)=0x8)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'gre0\x00', 0x200})
ioctl$KDFONTOP_COPY(r4, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000000)=""/162, &(0x7f00000000c0)=0xa2)

23:33:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
r27 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))

23:33:16 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x106, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:16 executing program 4:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0})
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$sock_netrom_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={'nr', 0x0}, 0x4, 'syz1\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x3, 0x3, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default]})

23:33:17 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:17 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="010000b8", @ANYRES32=<r3=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={r3}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={r3, 0x6}, &(0x7f0000000080)=0x8)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'gre0\x00', 0x200})
ioctl$KDFONTOP_COPY(r4, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x107, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
userfaultfd(0x400)

23:33:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioperm(0xffffffff7fffffff, 0x10000, 0xf6)
r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000000c0)="cfdfbb949605ba4a9f9b99ecfefda2c6c1c3b8dd3cee96b9fc24e2023036c5b48625c7981182b1e638be12051718864c56a56c76b0a5c8dbe386a39cf8016f15e5ccabc46c30f4bbc1ba3524e6f85eb97ff2dabd2777510059abb33d75c9b2b3f4c97d030d5b9cdf90c913f3294867b55f03f5160605de57a23a969124d5ad09af7a26121230def521481fe8fb158d8c790e68178ced1279ab05aa824a07df5019c44bc00f950536a00c3cc47e354137404940f3989b18654a2f07f208ca29d1d22c2375df2aa80f7845c6f923b6453c5e59c7d380afdcc1eb8204ff613b30159f1d4e45e8cab3009c61db99a3825e2878f97c16546f75fd", 0xf8}, {&(0x7f00000001c0)="d99fad6e5b1dae2f9f28f943afd6072942bf27dc78c58f66647de40fedaff897787f594d6568f3c5af826836df4aee705cd39c92f1e9e7d03e7e9215104f739e18bc9c1d370ca12212e6cc51fbc20d03d320380c2a5c1ed420a0d9537247f24f38d3a429daa541d2f13880ca77cd778308247c4e8f7654870feb31e4908cec3f4a505fd683c6f51adb527a76c209625396fe27f33f1b6cb92e57b774ac25cb2e3b44be6f95a89cea08ded5f47a5bbe4c85f5dd64fb55876852df73e848a8002eb0c84bb5e1a9e847e3818fccea545b8c89f869", 0xd3}], 0x2)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r2, 0x4b72, &(0x7f0000000380)={0x3, 0x0, 0x6, 0x19, 0x5d, &(0x7f0000000440)})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
splice(r4, &(0x7f0000000300)=0x4, r6, &(0x7f0000000340), 0x200, 0x0)

23:33:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x108, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000140))
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000000)={0xff, 0x0, 0x0, 0x9aa, 0x5, [{0x4, 0x4d3c, 0x9, [], 0xd00}, {0x6, 0x2, 0x4, [], 0x2202}, {0xe7a, 0x9, 0x800, [], 0x363738a517aebad2}, {0x6, 0x0, 0x4, [], 0x1004}, {0x7, 0x8001, 0x8, [], 0x7015}]})

23:33:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x1f, 0x0, 0x0})

23:33:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)

23:33:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x109, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:17 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x8b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b101", 0x2e}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = getpid()
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000040)={0x8, 0xa, 0x4, 0x20000000, 0x6e, {0x77359400}, {0x4, 0x2, 0xe6, 0x1e, 0x9, 0x88, "26edb8c2"}, 0x2, 0x3, @offset=0x7, 0x6, 0x0, <r3=>r0})
accept4$netrom(r3, &(0x7f00000000c0)={{0x3, @rose}, [@remote, @default, @remote, @remote, @rose, @bcast, @netrom, @null]}, &(0x7f0000000140)=0x48, 0x0)
sched_getparam(r1, &(0x7f0000000000))

23:33:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:17 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x4, 0x138, 0x0})
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f00000000c0)="c538e8fd0a04e8e515e3b416d5a281f99f5285d68dc0df279abaf7e0aaa80a85b6e7919b326859fd0f73c22e9b5b59a5770f2442a109f8e541", 0x39)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x4200, 0x0)
bind$rose(r1, &(0x7f0000000080)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @null}, 0x1c)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x100, 0x0)
ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000140)={0xc4, 0x8001, 0x1ff, 0x8001})

23:33:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:18 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:18 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
unlink(&(0x7f0000000040)='./file0\x00')
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x11, 0xf, 0x1d8, 0x0})

23:33:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
socket$nl_route(0x10, 0x3, 0x0)

23:33:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:18 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f0000000100)={0x5, 0x1, 0x4, 0x1, 0x4, {}, {0x3, 0x8, 0x9, 0x8, 0x3, 0x0, "36f5bcdb"}, 0xfffffffe, 0x2, @planes=&(0x7f0000000040)={0x5, 0x4, @mem_offset=0x3, 0x8}, 0xfffffffe})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x100000, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r9, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]})
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000000)=0x7)

23:33:18 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  857.320629] net_ratelimit: 7 callbacks suppressed
[  857.320639] protocol 88fb is buggy, dev hsr_slave_0
[  857.330714] protocol 88fb is buggy, dev hsr_slave_1
23:33:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:18 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1", 0x2d}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x10f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)

23:33:18 executing program 4:
syz_open_dev$tty1(0xc, 0x4, 0x3)

23:33:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000380), &(0x7f0000000040)=0xfffffffffffffeda)
ioctl$SNDCTL_DSP_GETTRIGGER(r1, 0x80045010, &(0x7f0000000000))
getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000140)={'broute\x00', 0x0, 0x4, 0x32, [], 0x6, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000100)=""/50}, &(0x7f00000001c0)=0x78)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x111, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r1, &(0x7f0000000280)={0xa, 0x4, 0xfa00, {r2}}, 0xc)
ioctl$KIOCSOUND(r0, 0x4b2f, 0x5)

23:33:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x110, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:19 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  858.050575] protocol 88fb is buggy, dev hsr_slave_0
[  858.055759] protocol 88fb is buggy, dev hsr_slave_1
23:33:19 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$PPPIOCCONNECT(r1, 0x4004743a, &(0x7f0000000000)=0x4)

23:33:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x111, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x75, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x112, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x1e, 0x0, 0x0})

[  858.297319] kauditd_printk_skb: 24 callbacks suppressed
[  858.297335] audit: type=1804 audit(1578871999.397:3123): pid=17470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1341/bus" dev="sda1" ino=17029 res=1
23:33:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x111, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:19 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_PCM_IOCTL_HW_FREE(0xffffffffffffffff, 0x4112, 0x0)

23:33:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

[  858.524907] audit: type=1800 audit(1578871999.427:3124): pid=17470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=17029 res=0
23:33:19 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x113, 0x0, 0x0, 0x0, 0x0, 0x0})

[  858.649528] audit: type=1804 audit(1578871999.757:3125): pid=17486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir833273162/syzkaller.TqqVdk/1532/bus" dev="sda1" ino=17015 res=1
23:33:19 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  858.803746] audit: type=1800 audit(1578871999.777:3126): pid=17486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17015 res=0
[  859.001528] audit: type=1804 audit(1578872000.017:3127): pid=17514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1342/bus" dev="sda1" ino=16998 res=1
[  859.087135] audit: type=1804 audit(1578872000.017:3128): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1457/bus" dev="sda1" ino=16721 res=1
[  859.115378] audit: type=1800 audit(1578872000.027:3129): pid=17514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16998 res=0
[  859.155765] audit: type=1800 audit(1578872000.037:3130): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16721 res=0
23:33:20 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:20 executing program 4:
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
dup2(r2, 0xffffffffffffffff)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x2, 0x3, 0x0})

23:33:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x114, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:20 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @multicast1, @loopback}, &(0x7f0000000480)=0xc)

23:33:20 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x115, 0x0, 0x0, 0x0, 0x0, 0x0})

[  859.320577] protocol 88fb is buggy, dev hsr_slave_0
[  859.325811] protocol 88fb is buggy, dev hsr_slave_1
[  859.397823] audit: type=1804 audit(1578872000.517:3131): pid=17532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1458/bus" dev="sda1" ino=17039 res=1
[  859.425052] protocol 88fb is buggy, dev hsr_slave_0
[  859.425121] protocol 88fb is buggy, dev hsr_slave_1
23:33:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000040)={0x800, 0xb, 0xf, "671de5ad3a9e39f7d5ac660cee2fd764b25e1a04906e315382bcf18b9f0ecc1c6ff3e9c8902ce8247b6bb243cb62bff4e320653fc3760130e9a44192", 0x1a, "1963e777749cd5792b6f460628632a5c9c635eb1268ff4b0da70bbf1c62678f99ac3abad153735a2d1e3bb9f021e4613eb0fa5aa290cf8239e4af015", 0x28})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x8000, 0x0)

23:33:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x116, 0x0, 0x0, 0x0, 0x0, 0x0})

[  859.641975] audit: type=1800 audit(1578872000.537:3132): pid=17532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17039 res=0
23:33:20 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
connect$nfc_llcp(r0, &(0x7f00000000c0)={0x27, 0x1, 0x1, 0x2, 0x2, 0x3f, "348b40710bd5c06445416ccd5eb1d28cbe0127850566e7e7717f818b9352be4bfe12eb6b86cf4c1dc5d3f061323773cae220398b1b1d0f9788c3f3236994ae", 0x36}, 0x60)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000000)="3f40ce4c47884b1a6835f902157cc967391a3fc238984a4bb7299f0b90800d963b62443396b5fe0a2fc1e0e6912218b99b497df83140d85d039a689b0fdf32e3db67e84758e926c7b98fd94b5a09ae74562e419b885c1c672c76d3fcae4938bc849fe85c1874238491640345dd41a9e492131757ec7ba468107b8c590f9dd7761f785703e49fd3b9c0458d1b32f6cf5e50447f92fe5cac6823e5475099fd2e563847d4cf5fa3571651575d67d9216df2d6f45b02e9d8361f44494183071e8d")

23:33:20 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:20 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:21 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x14)

23:33:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x117, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:21 executing program 4:
r0 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x6, 0x101000)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0xa93, 0x1, 0x10001, 0x6, 0x1, "ce1dbc75ded01d8ba4341cd4df9847410e6d0b", 0xea0, 0x4})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCGPKT(r2, 0x80045438, &(0x7f0000000000))

23:33:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x10100, 0x0)
recvfrom$l2tp(r1, &(0x7f0000000440)=""/4096, 0x1000, 0x1, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)

23:33:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x118, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:21 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x119, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:21 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f00000000c0)={0x3, 0x0, 0x11, 0x0, 0x105, 0x0})
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000040))

23:33:21 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:21 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11a, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000000))

23:33:22 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r26=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r24, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r26}}, 0x20}}, 0x0)

23:33:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11b, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:22 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000000)=0x5, 0x4)

23:33:22 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:22 executing program 4:
r0 = gettid()
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x20)
sched_rr_get_interval(r0, &(0x7f0000000000))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x800000, 0x0, 0x0, 0x0})

23:33:22 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  861.400589] protocol 88fb is buggy, dev hsr_slave_0
[  861.405783] protocol 88fb is buggy, dev hsr_slave_1
23:33:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000040)={0x3f, [0x2, 0x9, 0x3, 0xb3cb, 0x8, 0xece, 0x79d, 0xffff, 0x1, 0x1, 0x1, 0x1, 0x7ff, 0x9, 0x2, 0x800, 0x7, 0xd7, 0x0, 0x8, 0x4, 0x2, 0x7, 0x80, 0xffc1, 0x3, 0x3ff, 0x3, 0x7, 0x8001, 0x9, 0x1ff, 0x7, 0x9b, 0x7, 0x8, 0x3, 0x3f, 0x4, 0x7fff, 0x80, 0xffff, 0x8, 0x100, 0x0, 0x2, 0x8, 0x200], 0x3})

23:33:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:23 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
r24 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r24, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))

23:33:23 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x11f, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101040, 0x0)
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000040)={0x20})

23:33:23 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 4:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00fb6604364551a109e1ab539cff22715ca3b1abd17ed4769387390d10ffb424cde25a90bff9b0a366fa8b07512494fe92b09b1c8a1938146b8877e7ddef0b8ab7d789580ba688a43eb665989e1c9ecb9e7c5d0e4590c0e11691214c91520d553fd29752f4b9"], 0x66, 0x5dc272261f508f81)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x1e9, 0x0})

23:33:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x120, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x8, 0x1c, 0xff80, 0x1, 0x16, "116f26aefc1f7812"})
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_COPY(r1, 0x4b4b, &(0x7f0000000000)={0x3, 0x0, 0x2000, 0xfffffffc, 0x0, 0x0})

23:33:23 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:23 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x121, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:23 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 4:
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000280)={0x3, 0x20, 0x3})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=@ipv4_delrule={0x54, 0x21, 0x2, 0x70bd2a, 0x21dfdbfc, {0x2, 0x14, 0x0, 0x4, 0x3f, 0x0, 0x0, 0xa, 0x1}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x0, 0x17, {0x4e22, 0x4e22}}, @FRA_SRC={0x8, 0x2, @rand_addr=0x7}, @FRA_FLOW, @FRA_FLOW={0x8, 0xb, 0x10001}, @FRA_DST={0x8, 0x1, @local}, @FRA_DST={0x8, 0x1, @empty}, @FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4040}, 0x2040041)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b4b, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000380)={0xa00000, 0x1000, 0xfff, <r4=>r3, 0x0, &(0x7f0000000340)={0x18c1f81, 0x7, [], @value64=0x4}})
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000003c0)=0x20)
r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/status\x00', 0x0, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000440)=""/43, 0xffffffffffffff4d}], 0x1)
linkat(r6, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000240)='./file0\x00', 0x400)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000480)=0x4, 0x4)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r5, 0xc06c4124, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0205648, &(0x7f0000000100)={0x4, 0x1000, 0x80000000, <r8=>0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0xa30904, 0x7f, [], @value=0x5}})
ioctl$TCSETAF(r8, 0x5408, &(0x7f0000000140)={0x4, 0x3, 0x8, 0x5, 0xb, "6a208383cb143a8b"})

23:33:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)

23:33:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x122, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:23 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:23 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x123, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x1, 0x40, 0xfffe})

23:33:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x124, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:24 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:24 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x125, 0x0, 0x0, 0x0, 0x0, 0x0})

[  863.317270] kauditd_printk_skb: 39 callbacks suppressed
[  863.317287] audit: type=1800 audit(1578872004.437:3172): pid=17778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16753 res=0
[  863.389141] audit: type=1804 audit(1578872004.497:3173): pid=17781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir371738162/syzkaller.wCtnmi/1507/bus" dev="sda1" ino=16897 res=1
23:33:24 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:24 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
socket$nl_route(0x10, 0x3, 0x0)

23:33:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x126, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:24 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

[  863.442952] audit: type=1800 audit(1578872004.517:3174): pid=17781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16897 res=0
23:33:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x127, 0x0, 0x0, 0x0, 0x0, 0x0})

[  863.560593] net_ratelimit: 10 callbacks suppressed
[  863.560601] protocol 88fb is buggy, dev hsr_slave_0
[  863.570731] protocol 88fb is buggy, dev hsr_slave_1
23:33:24 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  863.596151] audit: type=1804 audit(1578872004.707:3175): pid=17795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir582887837/syzkaller.cKsN85/1465/bus" dev="sda1" ino=16881 res=1
[  863.666125] audit: type=1800 audit(1578872004.757:3176): pid=17795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16881 res=0
23:33:24 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x128, 0x0, 0x0, 0x0, 0x0, 0x0})

[  863.767163] audit: type=1804 audit(1578872004.887:3177): pid=17802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir708110851/syzkaller.nOT6ED/1352/bus" dev="sda1" ino=16849 res=1
23:33:24 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x2000000, 0x9, 0x20, 0x0, 0x0})
r3 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x3f)
ioctl$TCFLSH(r3, 0x540b, 0x2)

23:33:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x129, 0x0, 0x0, 0x0, 0x0, 0x0})

[  863.917188] audit: type=1800 audit(1578872004.897:3178): pid=17802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=16849 res=0
23:33:25 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:25 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

[  864.089842] audit: type=1804 audit(1578872005.047:3179): pid=17806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir833273162/syzkaller.TqqVdk/1538/bus" dev="sda1" ino=16865 res=1
23:33:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x12a, 0x0, 0x0, 0x0, 0x0, 0x0})

[  864.196017] audit: type=1800 audit(1578872005.047:3180): pid=17806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16865 res=0
23:33:25 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x12b, 0x0, 0x0, 0x0, 0x0, 0x0})

[  864.366121] audit: type=1804 audit(1578872005.187:3181): pid=17822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir371738162/syzkaller.wCtnmi/1508/bus" dev="sda1" ino=17009 res=1
23:33:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x12c, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x12d, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:25 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
r23 = socket$packet(0x11, 0x3, 0x300)
getpeername$packet(r23, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:25 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0xc008ae88, 0x0)

23:33:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x12e, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:26 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x2, 0x0, 0x0, 0x0, 0x0})

23:33:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x3, 0x0, 0x0, 0x0, 0x0})

23:33:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r2, &(0x7f0000000080)=""/58, 0x3a, 0x2000, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @remote, 0x200}, 0x1c)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:26 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x300, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r2, &(0x7f0000000080)=""/58, 0x3a, 0x2000, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @remote, 0x200}, 0x1c)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:27 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b", 0x2a}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x3f00, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a", 0x24}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r2, &(0x7f0000000080)=""/58, 0x3a, 0x2000, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @remote, 0x200}, 0x1c)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:27 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x4000, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r2, &(0x7f0000000080)=""/58, 0x3a, 0x2000, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @remote, 0x200}, 0x1c)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x7600, 0x0, 0x0, 0x0, 0x0})

[  866.280602] protocol 88fb is buggy, dev hsr_slave_0
[  866.285772] protocol 88fb is buggy, dev hsr_slave_1
[  866.360596] protocol 88fb is buggy, dev hsr_slave_0
[  866.365772] protocol 88fb is buggy, dev hsr_slave_1
23:33:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x9600, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:27 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x65, 0x0, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
r20 = socket$nl_route(0x10, 0x3, 0x0)
r21 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, <r22=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r22}}, 0x20}}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:27 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0xff01, 0x0, 0x0, 0x0, 0x0})

23:33:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:27 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x400000, 0x0, 0x0, 0x0, 0x0})

23:33:28 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:28 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e9", 0x18}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x507100, 0x0, 0x0, 0x0, 0x0})

23:33:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r20 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r20, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
r21 = socket$packet(0x11, 0x3, 0x300)
getpeername$packet(r21, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000040)=0x3fc00)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:28 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e9", 0x18}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x516000, 0x0, 0x0, 0x0, 0x0})

23:33:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x605100, 0x0, 0x0, 0x0, 0x0})

[  867.640578] protocol 88fb is buggy, dev hsr_slave_0
[  867.645812] protocol 88fb is buggy, dev hsr_slave_1
[  867.722124] protocol 88fb is buggy, dev hsr_slave_0
[  867.728116] protocol 88fb is buggy, dev hsr_slave_1
23:33:28 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, {0x8, 0xfffffffc, 0x7, 0x3}})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001140)='/dev/dlm_plock\x00', 0x105600, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d05, &(0x7f0000001180))
socket$netlink(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = gettid()
ptrace$setopts(0x4206, r8, 0x0, 0x0)
tkill(r8, 0x20)
ptrace$getregs(0x1d, r8, 0x80000000, &(0x7f0000001080)=""/137)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000001040)={0x2, 0x0, 0x7, 0x0, 0x20001, 0x0})
ioctl$TIOCNXCL(r7, 0x540d)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r9, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONT(r9, 0x4b61, &(0x7f0000000040)="1186236e8e06184509a8259d30fd3c50664631c34f49610f6296feac9e350499323cbe4582fcee41b38617ffe772319abb6eaf55a739a9e8573d8efc42e9612fdd8895f2ddc278aefaa60d15eaf28aa1d4ef0c69671defd05804e36e9d12b2407516630fdbee84458905e951998d4b52681f40f7ce76dd062d3bea50b0d0101bbd39e94122c43084d2b2f05b713bcd149bdbd09ae750e0d51f229b0721f15ac1347ee6677fb0e93c8560392e81d8f4aaf210eef891527ae22e0b535205315bec86a0ee42f95aad59eb996be7e5e09d82fb60f191fe44bad38940750a2b4304cc68d144ef4ceba4bb231eaeb6b15f9e75cb747b4a79fb51de559fdfe34b1de34d54382ed0459811783910aee353e11d426fcc85b38850c31b1640f6df72af0788649e5a2322583da10693cd6bc76681c467d145a52994f9a5386081e459998ec0079ccd25f8e782197c541154bc3c49c3f1de396f9e355c5a7452053c56a75db427515609f350da6a3766a520f3825590de6a179e44cb2290311cb909fcc79fb2be02b653248fbc10640ac05ae683489d503d97d42bc27fe9f9f72b55c259cb5d907e0f222f35b5b14d44a580cef78d75bed189779e20b4d99306fde8ad71d9668791e8fcfca1170f8e231fff910b5fa5a6cc581b61523e23203340f2182a00b5507b6caaca980366135b27ae2d1588f849ace6dc9f43ac523ba7ba334e25531de8069508df1e636e8c357ffb1109e5f911ee6f23dc87eddd240a94ae8b529ac1260813fc31d42122f935a0db7c04df435d6e119ab34ef548233b5064cac11dfad1a63b0685f9e673216a99073f3545f1b1bbd0a149e5f4d915dd164cce23475a49154cc875b67b660299f0363a92f8c3fb5815a652555f3c0035134455f81c87cc9caf9a9b330dd517491ca07b2d625b206e575d8cce77144ef307024347b32625e62f7597a470798f060d16474cfb9f4d9de8773f1f060eb630b343938137038b21e0656523653ddf7d589776f8c34186c789b673d9a7454b7974d0cfa1261cdf900d7ae092d710d6108eb22ee63f9c90211654faab6e2388af6349a088d7bc773014668d888032b275d53c0b43cf452ed7ff275b59009179df88852d6cf56c9a0030697e8ae0d8768ff1798e29d5962218991240eba7aa626f40cc1f81d04714a15d5e8657091967d1f102c36937e96e4cf1b402d6d83b12004de52423839a2ae08b15395b5e2eeac4c1692eeb65b627cfc8d51839d292a7f97962e5411b5c62557b38fe90f666d0cea1dbaad7bd83581242d92f94d94535982d763a0aee69f8ee9450440fe7f4695f47c33e8d0ba5045e56ceabf3ffe5cc954363bda50122f1a4a6dbc719893d755c51a6c6e811166da3c0253088b3975a9986545e15ab82443c1aad4630e90b500bd35a53173f77597664393d5f7cd0080165510cfa43d01aa043458ab05cbc682e2f31412dfd958e00a7b38641621339b05e83ade4a957d616d3fcc872698fb599de19908c119c38f21b92bbbcad000bb78209a48fdf25118fc264ab4351bb06891d6ee1a77919f4fb7dfca133a945c02105402716861fef0454d0d36644647192fc5eee0a1c94889903689d273883387e724cbcc8ad8bbe3bccfaa9395bccc848d4f666c58478cb74f02e87f3d919a121336b9cc8d18e2a9419c7d31508faafcf9f6dac80fca025c88fde3539e9fdd17fab15e685e854ba5026cc84265a027fbccb7df6b669fc7b074af93027568a7388a0a79fe270ddb31d3d5b593d5dcbe077390282c171ccf19b9aa77bbd4437ff570d17a1073e645d89ebfbdeaed80cd71517ac9e079a906d0217826490be13ed1b72c2b2793188b76f660dd6eb7f42919147d47b71262f1e60cd47d66fb7b4082969aebbb6a9f12c466cfb2593cd83119a69b1efe32b704627e4bd0f1967da6a69d2bdf7b864f04a09610b8522665cba965d1183f75cb4f7ef2baf2ad4f7be44f91729cae476b694b90281f27dffaf1329f80176915fcfa3584d0ce551e4be3c0814f377370d991929d27686910c40eb9323f6d4d4b140db1b491b9eab511afbfdb4c490301a2680b0dec9399468d3c192e9d9004c3c102483263f0557b902fbf81fb1bf1113cb52f63f488a268d265914634b7e5c66c9eff5f66cf0338393630eee740c712b69ba86ecdfb762b2ae97461a4ca4acac42c3b35796efdd93a5a11a78d552a0298b3414dedf9ceecd336f3ec238abc38f9e2b779596958a83d9db18e6a6e927f46b6c390d1377c07b07c0dc83bdc6fa2d0368907fa95ba164d58576ec76ab32b34610896d6e6d6cd5cf09999a14ebf54df3f1f1bce74de7369f0d18190bf62d4e33cbcbecf3229363ad582312a7b6dc80afa9b04bbe3ea07e0b6695339c9055b6705f66bdf850370ceb475977f59bf1510295972574aa30d6cd61f0d44b0d5bf3a0442feb1c81e310c2acf75ca2ceadc4a2c084197bf07217a05134dfa5a2add8fa4bf17dcf796124814ad0ef8677438ade404225c73c63402f478c80001350eb915d08bdc981f82d3362037b9bf4081150314a642119a05f832d435c01d18d016793ea80dcbd4ae012626d986f8bbb9ca5937f0d0e06f27840bc10e5611b1ba142bb69d2eed4f3556351141a69675bf3e50706e089d1bcf87a5ecdf425c4045e8b8c538c5e5833ad3ceb9c238b7d45c32149280cd1fe2c7fc3eb7b5c4d8d1c7d056257ff93d3cc29c73054ec957c1c5d6d939812c263d9486cd6c1d1cd5e5fceacf515ac71520c248fa6d0462280bcc5fd974323cc12b81277541a176eaeffe29b0bf7a3ab96108d9163bf0257426a10eb9070df15f079a154bcc42127864464595bc2060cf9ef222aca4a355536017d7b5399fd63205e1f608a5ec366bd85dda40713b9ac5849a32bc36b8354d4c491c6aca6245b75d213293017c70ccb0e2e92010f149eb681732115171c5c4d0d9d26eab9298534774cdb0b811f57819e87ee9cd3c798359419d154205b64be81e49138b2d5c3215887b9713f8826da93c4ae6bf3e698eb836a8fc1791999d27146213fe3ea7c3bebd94f576372752ba7d1f8352707a9bfcb60ef01adb407111cbba97cf7ee951d57a605df17fbd6bc7088c9a6a0ab8a82dee108495a7f97c88c63363d74bf0713b7e1a9069246f1553302d58605b19139e8871b10ef2e0263fcf2d38dc8dff093cdaf9aa97dcaf884919ddbb67c6401a95426f977ce6cd70407f30d0aa78145ac77fb89c0fde6c6aaed72dde211914e9a2d4967ba01545f580f87723c2d8763dc2f16051c97b690afc865d6f598c3a63f8595c0208dba95b98fb1ee171b8b0411cd21c555f4bcbf0a2508e8176888a3e758f896abfb07969b0b7dc731c19a04fb75c3605dd4216fb5a912429af67c57bb4f8be9bdedda7d2fece3f6f9d015ff384b0698d21d7aeb26d4d8da0bbfc0a8c61bfe3bbdefd3fe31c74c647743360d9b380c1cffe70fcf23b25e77134fe6c38973baf71afa806331b0568fd087297d477b5940d63d80449c2617f08acad2173bc0f3cc46291dc43718554cfd93d6afbdb9ab73966d3cbb1fe101552b8d5bb3bcbd94e0ef96124715e2fe3174c83fc7dbf2c1fdbb499cca37d2b3e823b618d351d107a15a071f678370ea0a2006dda407ada49d82d170025e3aaa936adfd81e736ac07ac51feef9fbc0b3f546d5aeb420e0d9518442b441da1de90db11d2784f433f8ec108b49f3c188a15c8115cca90107b983f56f61c51c79b084daea6ef24d9fa186cce029f533466fbfe8be51f12ace79bc0184f9a58b5d7ee4060d6fcb80ac6d1bafef7ac7f9c3fbc3933545f41f13f70abddc47549db8b6e8373fdb6ca2b509613c5b4ccd5107439729e812081b102d2c37a3205bf6f65ec282b71f1500b10b1ab9f0d752b5e34857d475460e0314104a30b89f486c08118a74053c967b1da8ad204a744ed7da8b7d4d1a22790a63c274f7ea6cceb79daca4d12053c2a6bdfb0a573be165569a08f05de2be2b8a337a0d33a1f9759a8646710fd297178c8ec8b58db0d4d4fe510d385c49d06beb230469f78f17738b989b6a72abd7580846da5120f019b848ce2bf3b43263d4fbefbcb8e9f751f4e13365836d136466d74a6e738449ceb9d5a4ebecb1624d4b2164a5be1e8371d9be991c6558ac659177bf8f9a49bb1ab2353d4c96ff91118198a272c3106caf84ed02ac122b1cd82d4c18aaa305c573e25f1a80e7aad143d7e1651567365eca01766449dd8da63fce58a7faea1912204f47d9ed579297b65861064add3834dcfd278dbd5416941d0d2a0250cd3903b6d010b86c88ceaa13d8ce873aa895301a980036529ecd33deabecc45bdc6e784d9e7e0d2c7d2cfb9d9a3d00fdd148d77f7d8b6e8a92ba30fafaec7d00c0365165308ef0d24405e58255d038025f22c96cf4b500a739c5b8fc8d288003f3ff09d62d568ac91033b172b34aca44969abdbb518afbb74eaacd06b4a5039016bf095ed464cc3d86894bb86b147ce8f045f54b2df37f3756cc8980c1b5e1de6add0d7c6c99728f633a06608571511113dcfdfdf5d01f4afeb4271506b4918e824e5a5f700d8e5e2e28f7c6da34069b9f12678b8f5b0f9e5bd118c4917683ece2485f53fe47e523329cdf986a9dd163fb6f12b8acadc6bef36402623605cf22f9cdb2fcd5c02251508a5c883c20210c0daa80585388c6a1a4c8a916b58dd8e87704e1fd6b9f44ce7c87df3cfabc1af0937f8fd34495ddcfae344b119d4c481bb7c21f2a3560d4c55e07013efd0ffdc83079d599d1389f7a4649427cfd7378e522aa971844cf417ef454e73106f0eaf5fbde6cd88eca022f9b308673197046d59bd17b2211ec93ec153069f991e72010c4b7b87ef95aaa3d4c58216244fadc3175a11ac94a7f01b7949f9df56ce4ba4bd6faf581080535dc010e125e69cc4ca23204f5b645c4fb13fe3117fc11f57149777aa04e41a37212cc428c5e9d24a37920e9e021603347fc4fbd1e64e6f51b420b65b9391297644b7bde01700f292c6bacb78ac5eee9fa5cbe857683fbd8789233667c37e9d86d347c6c6389d555cbc412d31d63b76e08ae4b760c80f81ba33f1ed5cee374d0e9225b22c6ae94a1b60409a59fdf1b1e82346246eaa473a4962653ec9e1d51c31d29dcf3250e69ff5fca013430a6aa8aa52849f05c1a4a85ad217a52c42f187b21df4b2833931ecb4bc764742c0a569cf77f5b97cd21b1196e181d7351f9ae807726a7452b63e60fe7e147151de90ce92dee4332da76327cfc3b543f0d0e7f4a263b7d4c9b2a1eede7ae4be0d122d792cf450fb281c5a93310e33cefbf4740417c49bdcb37cba11586880981d875b30de0f89b17faf772190d94bf15340e15e06b9dc9d93ee019c8d4862018e126d28426c785823f86e2603b3f47aab480950d33f911e59a7c388c66fbe08dc5ec4478379b5d74333dbedbf06ad77a5eadbfc70c6380643a9df77c0885877e29cd2b5af41bbe3aba304b6505b2731c5e4b8de2dc759965a820a942c790f406e874de74146eb3397b622f8b0c6d75828c842e712b4af0f30711a8236d25255c5030cf5d499d662a642d5038bcde46f34870a0336ba6b3a6a86b6df93426da3d9e86598345d52ea8842872e3d7185b1dafef21ac63733785aed7eaab621fe5ec5752ddc0c81a90647ea21b09e2e38cb7b85fedd9c16b7596269a36ef08acb4b812d033d42d917a27c5c9b2c2254b40c100d1d05e4b2d51bd7a3ff24f4b8236d9df7f8d1798003d66cfabc4d313ab801599e92c086128d6")

23:33:28 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x715000, 0x0, 0x0, 0x0, 0x0})

23:33:28 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)="cae12dbe5b24d5bcffd2023e6af1d713a5e1faee40c667e93a7f24101acd902d5dc5125a0af6ac706d8b4f50b1010f", 0x2f}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0)

23:33:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
r20 = socket$packet(0x11, 0x3, 0x300)
getpeername$packet(r20, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:29 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x71e000, 0x0, 0x0, 0x0, 0x0})

23:33:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x760000, 0x0, 0x0, 0x0, 0x0})

23:33:29 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, {0x8, 0xfffffffc, 0x7, 0x3}})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001140)='/dev/dlm_plock\x00', 0x105600, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d05, &(0x7f0000001180))
socket$netlink(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = gettid()
ptrace$setopts(0x4206, r8, 0x0, 0x0)
tkill(r8, 0x20)
ptrace$getregs(0x1d, r8, 0x80000000, &(0x7f0000001080)=""/137)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000001040)={0x2, 0x0, 0x7, 0x0, 0x20001, 0x0})
ioctl$TIOCNXCL(r7, 0x540d)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r9, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONT(r9, 0x4b61, &(0x7f0000000040)="1186236e8e06184509a8259d30fd3c50664631c34f49610f6296feac9e350499323cbe4582fcee41b38617ffe772319abb6eaf55a739a9e8573d8efc42e9612fdd8895f2ddc278aefaa60d15eaf28aa1d4ef0c69671defd05804e36e9d12b2407516630fdbee84458905e951998d4b52681f40f7ce76dd062d3bea50b0d0101bbd39e94122c43084d2b2f05b713bcd149bdbd09ae750e0d51f229b0721f15ac1347ee6677fb0e93c8560392e81d8f4aaf210eef891527ae22e0b535205315bec86a0ee42f95aad59eb996be7e5e09d82fb60f191fe44bad38940750a2b4304cc68d144ef4ceba4bb231eaeb6b15f9e75cb747b4a79fb51de559fdfe34b1de34d54382ed0459811783910aee353e11d426fcc85b38850c31b1640f6df72af0788649e5a2322583da10693cd6bc76681c467d145a52994f9a5386081e459998ec0079ccd25f8e782197c541154bc3c49c3f1de396f9e355c5a7452053c56a75db427515609f350da6a3766a520f3825590de6a179e44cb2290311cb909fcc79fb2be02b653248fbc10640ac05ae683489d503d97d42bc27fe9f9f72b55c259cb5d907e0f222f35b5b14d44a580cef78d75bed189779e20b4d99306fde8ad71d9668791e8fcfca1170f8e231fff910b5fa5a6cc581b61523e23203340f2182a00b5507b6caaca980366135b27ae2d1588f849ace6dc9f43ac523ba7ba334e25531de8069508df1e636e8c357ffb1109e5f911ee6f23dc87eddd240a94ae8b529ac1260813fc31d42122f935a0db7c04df435d6e119ab34ef548233b5064cac11dfad1a63b0685f9e673216a99073f3545f1b1bbd0a149e5f4d915dd164cce23475a49154cc875b67b660299f0363a92f8c3fb5815a652555f3c0035134455f81c87cc9caf9a9b330dd517491ca07b2d625b206e575d8cce77144ef307024347b32625e62f7597a470798f060d16474cfb9f4d9de8773f1f060eb630b343938137038b21e0656523653ddf7d589776f8c34186c789b673d9a7454b7974d0cfa1261cdf900d7ae092d710d6108eb22ee63f9c90211654faab6e2388af6349a088d7bc773014668d888032b275d53c0b43cf452ed7ff275b59009179df88852d6cf56c9a0030697e8ae0d8768ff1798e29d5962218991240eba7aa626f40cc1f81d04714a15d5e8657091967d1f102c36937e96e4cf1b402d6d83b12004de52423839a2ae08b15395b5e2eeac4c1692eeb65b627cfc8d51839d292a7f97962e5411b5c62557b38fe90f666d0cea1dbaad7bd83581242d92f94d94535982d763a0aee69f8ee9450440fe7f4695f47c33e8d0ba5045e56ceabf3ffe5cc954363bda50122f1a4a6dbc719893d755c51a6c6e811166da3c0253088b3975a9986545e15ab82443c1aad4630e90b500bd35a53173f77597664393d5f7cd0080165510cfa43d01aa043458ab05cbc682e2f31412dfd958e00a7b38641621339b05e83ade4a957d616d3fcc872698fb599de19908c119c38f21b92bbbcad000bb78209a48fdf25118fc264ab4351bb06891d6ee1a77919f4fb7dfca133a945c02105402716861fef0454d0d36644647192fc5eee0a1c94889903689d273883387e724cbcc8ad8bbe3bccfaa9395bccc848d4f666c58478cb74f02e87f3d919a121336b9cc8d18e2a9419c7d31508faafcf9f6dac80fca025c88fde3539e9fdd17fab15e685e854ba5026cc84265a027fbccb7df6b669fc7b074af93027568a7388a0a79fe270ddb31d3d5b593d5dcbe077390282c171ccf19b9aa77bbd4437ff570d17a1073e645d89ebfbdeaed80cd71517ac9e079a906d0217826490be13ed1b72c2b2793188b76f660dd6eb7f42919147d47b71262f1e60cd47d66fb7b4082969aebbb6a9f12c466cfb2593cd83119a69b1efe32b704627e4bd0f1967da6a69d2bdf7b864f04a09610b8522665cba965d1183f75cb4f7ef2baf2ad4f7be44f91729cae476b694b90281f27dffaf1329f80176915fcfa3584d0ce551e4be3c0814f377370d991929d27686910c40eb9323f6d4d4b140db1b491b9eab511afbfdb4c490301a2680b0dec9399468d3c192e9d9004c3c102483263f0557b902fbf81fb1bf1113cb52f63f488a268d265914634b7e5c66c9eff5f66cf0338393630eee740c712b69ba86ecdfb762b2ae97461a4ca4acac42c3b35796efdd93a5a11a78d552a0298b3414dedf9ceecd336f3ec238abc38f9e2b779596958a83d9db18e6a6e927f46b6c390d1377c07b07c0dc83bdc6fa2d0368907fa95ba164d58576ec76ab32b34610896d6e6d6cd5cf09999a14ebf54df3f1f1bce74de7369f0d18190bf62d4e33cbcbecf3229363ad582312a7b6dc80afa9b04bbe3ea07e0b6695339c9055b6705f66bdf850370ceb475977f59bf1510295972574aa30d6cd61f0d44b0d5bf3a0442feb1c81e310c2acf75ca2ceadc4a2c084197bf07217a05134dfa5a2add8fa4bf17dcf796124814ad0ef8677438ade404225c73c63402f478c80001350eb915d08bdc981f82d3362037b9bf4081150314a642119a05f832d435c01d18d016793ea80dcbd4ae012626d986f8bbb9ca5937f0d0e06f27840bc10e5611b1ba142bb69d2eed4f3556351141a69675bf3e50706e089d1bcf87a5ecdf425c4045e8b8c538c5e5833ad3ceb9c238b7d45c32149280cd1fe2c7fc3eb7b5c4d8d1c7d056257ff93d3cc29c73054ec957c1c5d6d939812c263d9486cd6c1d1cd5e5fceacf515ac71520c248fa6d0462280bcc5fd974323cc12b81277541a176eaeffe29b0bf7a3ab96108d9163bf0257426a10eb9070df15f079a154bcc42127864464595bc2060cf9ef222aca4a355536017d7b5399fd63205e1f608a5ec366bd85dda40713b9ac5849a32bc36b8354d4c491c6aca6245b75d213293017c70ccb0e2e92010f149eb681732115171c5c4d0d9d26eab9298534774cdb0b811f57819e87ee9cd3c798359419d154205b64be81e49138b2d5c3215887b9713f8826da93c4ae6bf3e698eb836a8fc1791999d27146213fe3ea7c3bebd94f576372752ba7d1f8352707a9bfcb60ef01adb407111cbba97cf7ee951d57a605df17fbd6bc7088c9a6a0ab8a82dee108495a7f97c88c63363d74bf0713b7e1a9069246f1553302d58605b19139e8871b10ef2e0263fcf2d38dc8dff093cdaf9aa97dcaf884919ddbb67c6401a95426f977ce6cd70407f30d0aa78145ac77fb89c0fde6c6aaed72dde211914e9a2d4967ba01545f580f87723c2d8763dc2f16051c97b690afc865d6f598c3a63f8595c0208dba95b98fb1ee171b8b0411cd21c555f4bcbf0a2508e8176888a3e758f896abfb07969b0b7dc731c19a04fb75c3605dd4216fb5a912429af67c57bb4f8be9bdedda7d2fece3f6f9d015ff384b0698d21d7aeb26d4d8da0bbfc0a8c61bfe3bbdefd3fe31c74c647743360d9b380c1cffe70fcf23b25e77134fe6c38973baf71afa806331b0568fd087297d477b5940d63d80449c2617f08acad2173bc0f3cc46291dc43718554cfd93d6afbdb9ab73966d3cbb1fe101552b8d5bb3bcbd94e0ef96124715e2fe3174c83fc7dbf2c1fdbb499cca37d2b3e823b618d351d107a15a071f678370ea0a2006dda407ada49d82d170025e3aaa936adfd81e736ac07ac51feef9fbc0b3f546d5aeb420e0d9518442b441da1de90db11d2784f433f8ec108b49f3c188a15c8115cca90107b983f56f61c51c79b084daea6ef24d9fa186cce029f533466fbfe8be51f12ace79bc0184f9a58b5d7ee4060d6fcb80ac6d1bafef7ac7f9c3fbc3933545f41f13f70abddc47549db8b6e8373fdb6ca2b509613c5b4ccd5107439729e812081b102d2c37a3205bf6f65ec282b71f1500b10b1ab9f0d752b5e34857d475460e0314104a30b89f486c08118a74053c967b1da8ad204a744ed7da8b7d4d1a22790a63c274f7ea6cceb79daca4d12053c2a6bdfb0a573be165569a08f05de2be2b8a337a0d33a1f9759a8646710fd297178c8ec8b58db0d4d4fe510d385c49d06beb230469f78f17738b989b6a72abd7580846da5120f019b848ce2bf3b43263d4fbefbcb8e9f751f4e13365836d136466d74a6e738449ceb9d5a4ebecb1624d4b2164a5be1e8371d9be991c6558ac659177bf8f9a49bb1ab2353d4c96ff91118198a272c3106caf84ed02ac122b1cd82d4c18aaa305c573e25f1a80e7aad143d7e1651567365eca01766449dd8da63fce58a7faea1912204f47d9ed579297b65861064add3834dcfd278dbd5416941d0d2a0250cd3903b6d010b86c88ceaa13d8ce873aa895301a980036529ecd33deabecc45bdc6e784d9e7e0d2c7d2cfb9d9a3d00fdd148d77f7d8b6e8a92ba30fafaec7d00c0365165308ef0d24405e58255d038025f22c96cf4b500a739c5b8fc8d288003f3ff09d62d568ac91033b172b34aca44969abdbb518afbb74eaacd06b4a5039016bf095ed464cc3d86894bb86b147ce8f045f54b2df37f3756cc8980c1b5e1de6add0d7c6c99728f633a06608571511113dcfdfdf5d01f4afeb4271506b4918e824e5a5f700d8e5e2e28f7c6da34069b9f12678b8f5b0f9e5bd118c4917683ece2485f53fe47e523329cdf986a9dd163fb6f12b8acadc6bef36402623605cf22f9cdb2fcd5c02251508a5c883c20210c0daa80585388c6a1a4c8a916b58dd8e87704e1fd6b9f44ce7c87df3cfabc1af0937f8fd34495ddcfae344b119d4c481bb7c21f2a3560d4c55e07013efd0ffdc83079d599d1389f7a4649427cfd7378e522aa971844cf417ef454e73106f0eaf5fbde6cd88eca022f9b308673197046d59bd17b2211ec93ec153069f991e72010c4b7b87ef95aaa3d4c58216244fadc3175a11ac94a7f01b7949f9df56ce4ba4bd6faf581080535dc010e125e69cc4ca23204f5b645c4fb13fe3117fc11f57149777aa04e41a37212cc428c5e9d24a37920e9e021603347fc4fbd1e64e6f51b420b65b9391297644b7bde01700f292c6bacb78ac5eee9fa5cbe857683fbd8789233667c37e9d86d347c6c6389d555cbc412d31d63b76e08ae4b760c80f81ba33f1ed5cee374d0e9225b22c6ae94a1b60409a59fdf1b1e82346246eaa473a4962653ec9e1d51c31d29dcf3250e69ff5fca013430a6aa8aa52849f05c1a4a85ad217a52c42f187b21df4b2833931ecb4bc764742c0a569cf77f5b97cd21b1196e181d7351f9ae807726a7452b63e60fe7e147151de90ce92dee4332da76327cfc3b543f0d0e7f4a263b7d4c9b2a1eede7ae4be0d122d792cf450fb281c5a93310e33cefbf4740417c49bdcb37cba11586880981d875b30de0f89b17faf772190d94bf15340e15e06b9dc9d93ee019c8d4862018e126d28426c785823f86e2603b3f47aab480950d33f911e59a7c388c66fbe08dc5ec4478379b5d74333dbedbf06ad77a5eadbfc70c6380643a9df77c0885877e29cd2b5af41bbe3aba304b6505b2731c5e4b8de2dc759965a820a942c790f406e874de74146eb3397b622f8b0c6d75828c842e712b4af0f30711a8236d25255c5030cf5d499d662a642d5038bcde46f34870a0336ba6b3a6a86b6df93426da3d9e86598345d52ea8842872e3d7185b1dafef21ac63733785aed7eaab621fe5ec5752ddc0c81a90647ea21b09e2e38cb7b85fedd9c16b7596269a36ef08acb4b812d033d42d917a27c5c9b2c2254b40c100d1d05e4b2d51bd7a3ff24f4b8236d9df7f8d1798003d66cfabc4d313ab801599e92c086128d6")

23:33:29 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0x960000, 0x0, 0x0, 0x0, 0x0})

23:33:29 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, {0x8, 0xfffffffc, 0x7, 0x3}})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001140)='/dev/dlm_plock\x00', 0x105600, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d05, &(0x7f0000001180))
socket$netlink(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = gettid()
ptrace$setopts(0x4206, r8, 0x0, 0x0)
tkill(r8, 0x20)
ptrace$getregs(0x1d, r8, 0x80000000, &(0x7f0000001080)=""/137)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000001040)={0x2, 0x0, 0x7, 0x0, 0x20001, 0x0})
ioctl$TIOCNXCL(r7, 0x540d)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r9, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONT(r9, 0x4b61, &(0x7f0000000040)="1186236e8e06184509a8259d30fd3c50664631c34f49610f6296feac9e350499323cbe4582fcee41b38617ffe772319abb6eaf55a739a9e8573d8efc42e9612fdd8895f2ddc278aefaa60d15eaf28aa1d4ef0c69671defd05804e36e9d12b2407516630fdbee84458905e951998d4b52681f40f7ce76dd062d3bea50b0d0101bbd39e94122c43084d2b2f05b713bcd149bdbd09ae750e0d51f229b0721f15ac1347ee6677fb0e93c8560392e81d8f4aaf210eef891527ae22e0b535205315bec86a0ee42f95aad59eb996be7e5e09d82fb60f191fe44bad38940750a2b4304cc68d144ef4ceba4bb231eaeb6b15f9e75cb747b4a79fb51de559fdfe34b1de34d54382ed0459811783910aee353e11d426fcc85b38850c31b1640f6df72af0788649e5a2322583da10693cd6bc76681c467d145a52994f9a5386081e459998ec0079ccd25f8e782197c541154bc3c49c3f1de396f9e355c5a7452053c56a75db427515609f350da6a3766a520f3825590de6a179e44cb2290311cb909fcc79fb2be02b653248fbc10640ac05ae683489d503d97d42bc27fe9f9f72b55c259cb5d907e0f222f35b5b14d44a580cef78d75bed189779e20b4d99306fde8ad71d9668791e8fcfca1170f8e231fff910b5fa5a6cc581b61523e23203340f2182a00b5507b6caaca980366135b27ae2d1588f849ace6dc9f43ac523ba7ba334e25531de8069508df1e636e8c357ffb1109e5f911ee6f23dc87eddd240a94ae8b529ac1260813fc31d42122f935a0db7c04df435d6e119ab34ef548233b5064cac11dfad1a63b0685f9e673216a99073f3545f1b1bbd0a149e5f4d915dd164cce23475a49154cc875b67b660299f0363a92f8c3fb5815a652555f3c0035134455f81c87cc9caf9a9b330dd517491ca07b2d625b206e575d8cce77144ef307024347b32625e62f7597a470798f060d16474cfb9f4d9de8773f1f060eb630b343938137038b21e0656523653ddf7d589776f8c34186c789b673d9a7454b7974d0cfa1261cdf900d7ae092d710d6108eb22ee63f9c90211654faab6e2388af6349a088d7bc773014668d888032b275d53c0b43cf452ed7ff275b59009179df88852d6cf56c9a0030697e8ae0d8768ff1798e29d5962218991240eba7aa626f40cc1f81d04714a15d5e8657091967d1f102c36937e96e4cf1b402d6d83b12004de52423839a2ae08b15395b5e2eeac4c1692eeb65b627cfc8d51839d292a7f97962e5411b5c62557b38fe90f666d0cea1dbaad7bd83581242d92f94d94535982d763a0aee69f8ee9450440fe7f4695f47c33e8d0ba5045e56ceabf3ffe5cc954363bda50122f1a4a6dbc719893d755c51a6c6e811166da3c0253088b3975a9986545e15ab82443c1aad4630e90b500bd35a53173f77597664393d5f7cd0080165510cfa43d01aa043458ab05cbc682e2f31412dfd958e00a7b38641621339b05e83ade4a957d616d3fcc872698fb599de19908c119c38f21b92bbbcad000bb78209a48fdf25118fc264ab4351bb06891d6ee1a77919f4fb7dfca133a945c02105402716861fef0454d0d36644647192fc5eee0a1c94889903689d273883387e724cbcc8ad8bbe3bccfaa9395bccc848d4f666c58478cb74f02e87f3d919a121336b9cc8d18e2a9419c7d31508faafcf9f6dac80fca025c88fde3539e9fdd17fab15e685e854ba5026cc84265a027fbccb7df6b669fc7b074af93027568a7388a0a79fe270ddb31d3d5b593d5dcbe077390282c171ccf19b9aa77bbd4437ff570d17a1073e645d89ebfbdeaed80cd71517ac9e079a906d0217826490be13ed1b72c2b2793188b76f660dd6eb7f42919147d47b71262f1e60cd47d66fb7b4082969aebbb6a9f12c466cfb2593cd83119a69b1efe32b704627e4bd0f1967da6a69d2bdf7b864f04a09610b8522665cba965d1183f75cb4f7ef2baf2ad4f7be44f91729cae476b694b90281f27dffaf1329f80176915fcfa3584d0ce551e4be3c0814f377370d991929d27686910c40eb9323f6d4d4b140db1b491b9eab511afbfdb4c490301a2680b0dec9399468d3c192e9d9004c3c102483263f0557b902fbf81fb1bf1113cb52f63f488a268d265914634b7e5c66c9eff5f66cf0338393630eee740c712b69ba86ecdfb762b2ae97461a4ca4acac42c3b35796efdd93a5a11a78d552a0298b3414dedf9ceecd336f3ec238abc38f9e2b779596958a83d9db18e6a6e927f46b6c390d1377c07b07c0dc83bdc6fa2d0368907fa95ba164d58576ec76ab32b34610896d6e6d6cd5cf09999a14ebf54df3f1f1bce74de7369f0d18190bf62d4e33cbcbecf3229363ad582312a7b6dc80afa9b04bbe3ea07e0b6695339c9055b6705f66bdf850370ceb475977f59bf1510295972574aa30d6cd61f0d44b0d5bf3a0442feb1c81e310c2acf75ca2ceadc4a2c084197bf07217a05134dfa5a2add8fa4bf17dcf796124814ad0ef8677438ade404225c73c63402f478c80001350eb915d08bdc981f82d3362037b9bf4081150314a642119a05f832d435c01d18d016793ea80dcbd4ae012626d986f8bbb9ca5937f0d0e06f27840bc10e5611b1ba142bb69d2eed4f3556351141a69675bf3e50706e089d1bcf87a5ecdf425c4045e8b8c538c5e5833ad3ceb9c238b7d45c32149280cd1fe2c7fc3eb7b5c4d8d1c7d056257ff93d3cc29c73054ec957c1c5d6d939812c263d9486cd6c1d1cd5e5fceacf515ac71520c248fa6d0462280bcc5fd974323cc12b81277541a176eaeffe29b0bf7a3ab96108d9163bf0257426a10eb9070df15f079a154bcc42127864464595bc2060cf9ef222aca4a355536017d7b5399fd63205e1f608a5ec366bd85dda40713b9ac5849a32bc36b8354d4c491c6aca6245b75d213293017c70ccb0e2e92010f149eb681732115171c5c4d0d9d26eab9298534774cdb0b811f57819e87ee9cd3c798359419d154205b64be81e49138b2d5c3215887b9713f8826da93c4ae6bf3e698eb836a8fc1791999d27146213fe3ea7c3bebd94f576372752ba7d1f8352707a9bfcb60ef01adb407111cbba97cf7ee951d57a605df17fbd6bc7088c9a6a0ab8a82dee108495a7f97c88c63363d74bf0713b7e1a9069246f1553302d58605b19139e8871b10ef2e0263fcf2d38dc8dff093cdaf9aa97dcaf884919ddbb67c6401a95426f977ce6cd70407f30d0aa78145ac77fb89c0fde6c6aaed72dde211914e9a2d4967ba01545f580f87723c2d8763dc2f16051c97b690afc865d6f598c3a63f8595c0208dba95b98fb1ee171b8b0411cd21c555f4bcbf0a2508e8176888a3e758f896abfb07969b0b7dc731c19a04fb75c3605dd4216fb5a912429af67c57bb4f8be9bdedda7d2fece3f6f9d015ff384b0698d21d7aeb26d4d8da0bbfc0a8c61bfe3bbdefd3fe31c74c647743360d9b380c1cffe70fcf23b25e77134fe6c38973baf71afa806331b0568fd087297d477b5940d63d80449c2617f08acad2173bc0f3cc46291dc43718554cfd93d6afbdb9ab73966d3cbb1fe101552b8d5bb3bcbd94e0ef96124715e2fe3174c83fc7dbf2c1fdbb499cca37d2b3e823b618d351d107a15a071f678370ea0a2006dda407ada49d82d170025e3aaa936adfd81e736ac07ac51feef9fbc0b3f546d5aeb420e0d9518442b441da1de90db11d2784f433f8ec108b49f3c188a15c8115cca90107b983f56f61c51c79b084daea6ef24d9fa186cce029f533466fbfe8be51f12ace79bc0184f9a58b5d7ee4060d6fcb80ac6d1bafef7ac7f9c3fbc3933545f41f13f70abddc47549db8b6e8373fdb6ca2b509613c5b4ccd5107439729e812081b102d2c37a3205bf6f65ec282b71f1500b10b1ab9f0d752b5e34857d475460e0314104a30b89f486c08118a74053c967b1da8ad204a744ed7da8b7d4d1a22790a63c274f7ea6cceb79daca4d12053c2a6bdfb0a573be165569a08f05de2be2b8a337a0d33a1f9759a8646710fd297178c8ec8b58db0d4d4fe510d385c49d06beb230469f78f17738b989b6a72abd7580846da5120f019b848ce2bf3b43263d4fbefbcb8e9f751f4e13365836d136466d74a6e738449ceb9d5a4ebecb1624d4b2164a5be1e8371d9be991c6558ac659177bf8f9a49bb1ab2353d4c96ff91118198a272c3106caf84ed02ac122b1cd82d4c18aaa305c573e25f1a80e7aad143d7e1651567365eca01766449dd8da63fce58a7faea1912204f47d9ed579297b65861064add3834dcfd278dbd5416941d0d2a0250cd3903b6d010b86c88ceaa13d8ce873aa895301a980036529ecd33deabecc45bdc6e784d9e7e0d2c7d2cfb9d9a3d00fdd148d77f7d8b6e8a92ba30fafaec7d00c0365165308ef0d24405e58255d038025f22c96cf4b500a739c5b8fc8d288003f3ff09d62d568ac91033b172b34aca44969abdbb518afbb74eaacd06b4a5039016bf095ed464cc3d86894bb86b147ce8f045f54b2df37f3756cc8980c1b5e1de6add0d7c6c99728f633a06608571511113dcfdfdf5d01f4afeb4271506b4918e824e5a5f700d8e5e2e28f7c6da34069b9f12678b8f5b0f9e5bd118c4917683ece2485f53fe47e523329cdf986a9dd163fb6f12b8acadc6bef36402623605cf22f9cdb2fcd5c02251508a5c883c20210c0daa80585388c6a1a4c8a916b58dd8e87704e1fd6b9f44ce7c87df3cfabc1af0937f8fd34495ddcfae344b119d4c481bb7c21f2a3560d4c55e07013efd0ffdc83079d599d1389f7a4649427cfd7378e522aa971844cf417ef454e73106f0eaf5fbde6cd88eca022f9b308673197046d59bd17b2211ec93ec153069f991e72010c4b7b87ef95aaa3d4c58216244fadc3175a11ac94a7f01b7949f9df56ce4ba4bd6faf581080535dc010e125e69cc4ca23204f5b645c4fb13fe3117fc11f57149777aa04e41a37212cc428c5e9d24a37920e9e021603347fc4fbd1e64e6f51b420b65b9391297644b7bde01700f292c6bacb78ac5eee9fa5cbe857683fbd8789233667c37e9d86d347c6c6389d555cbc412d31d63b76e08ae4b760c80f81ba33f1ed5cee374d0e9225b22c6ae94a1b60409a59fdf1b1e82346246eaa473a4962653ec9e1d51c31d29dcf3250e69ff5fca013430a6aa8aa52849f05c1a4a85ad217a52c42f187b21df4b2833931ecb4bc764742c0a569cf77f5b97cd21b1196e181d7351f9ae807726a7452b63e60fe7e147151de90ce92dee4332da76327cfc3b543f0d0e7f4a263b7d4c9b2a1eede7ae4be0d122d792cf450fb281c5a93310e33cefbf4740417c49bdcb37cba11586880981d875b30de0f89b17faf772190d94bf15340e15e06b9dc9d93ee019c8d4862018e126d28426c785823f86e2603b3f47aab480950d33f911e59a7c388c66fbe08dc5ec4478379b5d74333dbedbf06ad77a5eadbfc70c6380643a9df77c0885877e29cd2b5af41bbe3aba304b6505b2731c5e4b8de2dc759965a820a942c790f406e874de74146eb3397b622f8b0c6d75828c842e712b4af0f30711a8236d25255c5030cf5d499d662a642d5038bcde46f34870a0336ba6b3a6a86b6df93426da3d9e86598345d52ea8842872e3d7185b1dafef21ac63733785aed7eaab621fe5ec5752ddc0c81a90647ea21b09e2e38cb7b85fedd9c16b7596269a36ef08acb4b812d033d42d917a27c5c9b2c2254b40c100d1d05e4b2d51bd7a3ff24f4b8236d9df7f8d1798003d66cfabc4d313ab801599e92c086128d6")

23:33:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x0, 0x7, 0x4, 0x100000, 0x6, {0x77359400}, {0x5, 0x2, 0x8, 0x4, 0x80, 0x2, "ca61a53e"}, 0x669, 0x4, @planes=&(0x7f0000000000)={0x200, 0x8, @fd, 0x1}, 0xfffffffd})
syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000b5ccc2ca9bb164b78e676df776c8f93f86dc01431961440c36e8f3f3b2279f2da0993202413121fe6066a3a213f1c76557dec6f8442dbb44e3d706ee8712b4449ea3092dcfbb2c68000a57d169a61893609332c01f8e85a2adb89c33e7e232e7f0e37e068dff578855b141c0dcddb1a0c495c9997aba344a89a55d3139b1085429c26951fcfe5ae05634f21e066cd3f106ff532343e71627ab989285e45d4eabe47b29a91dbb04b10c2b0542aaf0f4ceab06c06ab5540c8b11661c712e1cbb0705b9f08af6a3e149188e7d3e44f322c28b15de12817f3f276425fe0516", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d04000000000000000010000000", @ANYRES32=r7, @ANYBLOB="6b3ce5a621f42f42"], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@remote}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r10}}, 0x20}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r13}}, 0x20}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r16}}, 0x20}}, 0x0)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r17, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r19}}, 0x20}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r20 = socket$packet(0x11, 0x3, 0x300)
getpeername$packet(r20, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

23:33:29 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

23:33:29 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_COPY(r0, 0x4b66, &(0x7f0000000400)={0x3, 0xe07100, 0x0, 0x0, 0x0, 0x0})

23:33:29 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x540b, 0x2)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, {0x8, 0xfffffffc, 0x7, 0x3}})
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001140)='/dev/dlm_plock\x00', 0x105600, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d05, &(0x7f0000001180))
socket$netlink(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = gettid()
ptrace$setopts(0x4206, r8, 0x0, 0x0)
tkill(r8, 0x20)
ptrace$getregs(0x1d, r8, 0x80000000, &(0x7f0000001080)=""/137)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000001040)={0x2, 0x0, 0x7, 0x0, 0x20001, 0x0})
ioctl$TIOCNXCL(r7, 0x540d)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r9, 0x4b72, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PIO_FONT(r9, 0x4b61, &(0x7f0000000040)="1186236e8e06184509a8259d30fd3c50664631c34f49610f6296feac9e350499323cbe4582fcee41b38617ffe772319abb6eaf55a739a9e8573d8efc42e9612fdd8895f2ddc278aefaa60d15eaf28aa1d4ef0c69671defd05804e36e9d12b2407516630fdbee84458905e951998d4b52681f40f7ce76dd062d3bea50b0d0101bbd39e94122c43084d2b2f05b713bcd149bdbd09ae750e0d51f229b0721f15ac1347ee6677fb0e93c8560392e81d8f4aaf210eef891527ae22e0b535205315bec86a0ee42f95aad59eb996be7e5e09d82fb60f191fe44bad38940750a2b4304cc68d144ef4ceba4bb231eaeb6b15f9e75cb747b4a79fb51de559fdfe34b1de34d54382ed0459811783910aee353e11d426fcc85b38850c31b1640f6df72af0788649e5a2322583da10693cd6bc76681c467d145a52994f9a5386081e459998ec0079ccd25f8e782197c541154bc3c49c3f1de396f9e355c5a7452053c56a75db427515609f350da6a3766a520f3825590de6a179e44cb2290311cb909fcc79fb2be02b653248fbc10640ac05ae683489d503d97d42bc27fe9f9f72b55c259cb5d907e0f222f35b5b14d44a580cef78d75bed189779e20b4d99306fde8ad71d9668791e8fcfca1170f8e231fff910b5fa5a6cc581b61523e23203340f2182a00b5507b6caaca980366135b27ae2d1588f849ace6dc9f43ac523ba7ba334e25531de8069508df1e636e8c357ffb1109e5f911ee6f23dc87eddd240a94ae8b529ac1260813fc31d42122f935a0db7c04df435d6e119ab34ef548233b5064cac11dfad1a63b0685f9e673216a99073f3545f1b1bbd0a149e5f4d915dd164cce23475a49154cc875b67b660299f0363a92f8c3fb5815a652555f3c0035134455f81c87cc9caf9a9b330dd517491ca07b2d625b206e575d8cce77144ef307024347b32625e62f7597a470798f060d16474cfb9f4d9de8773f1f060eb630b343938137038b21e0656523653ddf7d589776f8c34186c789b673d9a7454b7974d0cfa1261cdf900d7ae092d710d6108eb22ee63f9c90211654faab6e2388af6349a088d7bc773014668d888032b275d53c0b43cf452ed7ff275b59009179df88852d6cf56c9a0030697e8ae0d8768ff1798e29d5962218991240eba7aa626f40cc1f81d04714a15d5e8657091967d1f102c36937e96e4cf1b402d6d83b12004de52423839a2ae08b15395b5e2eeac4c1692eeb65b627cfc8d51839d292a7f97962e5411b5c62557b38fe90f666d0cea1dbaad7bd83581242d92f94d94535982d763a0aee69f8ee9450440fe7f4695f47c33e8d0ba5045e56ceabf3ffe5cc954363bda50122f1a4a6dbc719893d755c51a6c6e811166da3c0253088b3975a9986545e15ab82443c1aad4630e90b500bd35a53173f77597664393d5f7cd0080165510cfa43d01aa043458ab05cbc682e2f31412dfd958e00a7b38641621339b05e83ade4a957d616d3fcc872698fb599de19908c119c38f21b92bbbcad000bb78209a48fdf25118fc264ab4351bb06891d6ee1a77919f4fb7dfca133a945c02105402716861fef0454d0d36644647192fc5eee0a1c94889903689d273883387e724cbcc8ad8bbe3bccfaa9395bccc848d4f666c58478cb74f02e87f3d919a121336b9cc8d18e2a9419c7d31508faafcf9f6dac80fca025c88fde3539e9fdd17fab15e685e854ba5026cc84265a027fbccb7df6b669fc7b074af93027568a7388a0a79fe270ddb31d3d5b593d5dcbe077390282c171ccf19b9aa77bbd4437ff570d17a1073e645d89ebfbdeaed80cd71517ac9e079a906d0217826490be13ed1b72c2b2793188b76f660dd6eb7f42919147d47b71262f1e60cd47d66fb7b4082969aebbb6a9f12c466cfb2593cd83119a69b1efe32b704627e4bd0f1967da6a69d2bdf7b864f04a09610b8522665cba965d1183f75cb4f7ef2baf2ad4f7be44f91729cae476b694b90281f27dffaf1329f80176915fcfa3584d0ce551e4be3c0814f377370d991929d27686910c40eb9323f6d4d4b140db1b491b9eab511afbfdb4c490301a2680b0dec9399468d3c192e9d9004c3c102483263f0557b902fbf81fb1bf1113cb52f63f488a268d265914634b7e5c66c9eff5f66cf0338393630eee740c712b69ba86ecdfb762b2ae97461a4ca4acac42c3b35796efdd93a5a11a78d552a0298b3414dedf9ceecd336f3ec238abc38f9e2b779596958a83d9db18e6a6e927f46b6c390d1377c07b07c0dc83bdc6fa2d0368907fa95ba164d58576ec76ab32b34610896d6e6d6cd5cf09999a14ebf54df3f1f1bce74de7369f0d18190bf62d4e33cbcbecf3229363ad582312a7b6dc80afa9b04bbe3ea07e0b6695339c9055b6705f66bdf850370ceb475977f59bf1510295972574aa30d6cd61f0d44b0d5bf3a0442feb1c81e310c2acf75ca2ceadc4a2c084197bf07217a05134dfa5a2add8fa4bf17dcf796124814ad0ef8677438ade404225c73c63402f478c80001350eb915d08bdc981f82d3362037b9bf4081150314a642119a05f832d435c01d18d016793ea80dcbd4ae012626d986f8bbb9ca5937f0d0e06f27840bc10e5611b1ba142bb69d2eed4f3556351141a69675bf3e50706e089d1bcf87a5ecdf425c4045e8b8c538c5e5833ad3ceb9c238b7d45c32149280cd1fe2c7fc3eb7b5c4d8d1c7d056257ff93d3cc29c73054ec957c1c5d6d939812c263d9486cd6c1d1cd5e5fceacf515ac71520c248fa6d0462280bcc5fd974323cc12b81277541a176eaeffe29b0bf7a3ab96108d9163bf0257426a10eb9070df15f079a154bcc42127864464595bc2060cf9ef222aca4a355536017d7b5399fd63205e1f608a5ec366bd85dda40713b9ac5849a32bc36b8354d4c491c6aca6245b75d213293017c70ccb0e2e92010f149eb681732115171c5c4d0d9d26eab9298534774cdb0b811f57819e87ee9cd3c798359419d154205b64be81e49138b2d5c3215887b9713f8826da93c4ae6bf3e698eb836a8fc1791999d27146213fe3ea7c3bebd94f576372752ba7d1f8352707a9bfcb60ef01adb407111cbba97cf7ee951d57a605df17fbd6bc7088c9a6a0ab8a82dee108495a7f97c88c63363d74bf0713b7e1a9069246f1553302d58605b19139e8871b10ef2e0263fcf2d38dc8dff093cdaf9aa97dcaf884919ddbb67c6401a95426f977ce6cd70407f30d0aa78145ac77fb89c0fde6c6aaed72dde211914e9a2d4967ba01545f580f87723c2d8763dc2f16051c97b690afc865d6f598c3a63f8595c0208dba95b98fb1ee171b8b0411cd21c555f4bcbf0a2508e8176888a3e758f896abfb07969b0b7dc731c19a04fb75c3605dd4216fb5a912429af67c57bb4f8be9bdedda7d2fece3f6f9d015ff384b0698d21d7aeb26d4d8da0bbfc0a8c61bfe3bbdefd3fe31c74c647743360d9b380c1cffe70fcf23b25e77134fe6c38973baf71afa806331b0568fd087297d477b5940d63d80449c2617f08acad2173bc0f3cc46291dc43718554cfd93d6afbdb9ab73966d3cbb1fe101552b8d5bb3bcbd94e0ef96124715e2fe3174c83fc7dbf2c1fdbb499cca37d2b3e823b618d351d107a15a071f678370ea0a2006dda407ada49d82d170025e3aaa936adfd81e736ac07ac51feef9fbc0b3f546d5aeb420e0d9518442b441da1de90db11d2784f433f8ec108b49f3c188a15c8115cca90107b983f56f61c51c79b084daea6ef24d9fa186cce029f533466fbfe8be51f12ace79bc0184f9a58b5d7ee4060d6fcb80ac6d1bafef7ac7f9c3fbc3933545f41f13f70abddc47549db8b6e8373fdb6ca2b509613c5b4ccd5107439729e812081b102d2c37a3205bf6f65ec282b71f1500b10b1ab9f0d752b5e34857d475460e0314104a30b89f486c08118a74053c967b1da8ad204a744ed7da8b7d4d1a22790a63c274f7ea6cceb79daca4d12053c2a6bdfb0a573be165569a08f05de2be2b8a337a0d33a1f9759a8646710fd297178c8ec8b58db0d4d4fe510d385c49d06beb230469f78f17738b989b6a72abd7580846da5120f019b848ce2bf3b43263d4fbefbcb8e9f751f4e13365836d136466d74a6e738449ceb9d5a4ebecb1624d4b2164a5be1e8371d9be991c6558ac659177bf8f9a49bb1ab2353d4c96ff91118198a272c3106caf84ed02ac122b1cd82d4c18aaa305c573e25f1a80e7aad143d7e1651567365eca01766449dd8da63fce58a7faea1912204f47d9ed579297b65861064add3834dcfd278dbd5416941d0d2a0250cd3903b6d010b86c88ceaa13d8ce873aa895301a980036529ecd33deabecc45bdc6e784d9e7e0d2c7d2cfb9d9a3d00fdd148d77f7d8b6e8a92ba30fafaec7d00c0365165308ef0d24405e58255d038025f22c96cf4b500a739c5b8fc8d288003f3ff09d62d568ac91033b172b34aca44969abdbb518afbb74eaacd06b4a5039016bf095ed464cc3d86894bb86b147ce8f045f54b2df37f3756cc8980c1b5e1de6add0d7c6c99728f633a06608571511113dcfdfdf5d01f4afeb4271506b4918e824e5a5f700d8e5e2e28f7c6da34069b9f12678b8f5b0f9e5bd118c4917683ece2485f53fe47e523329cdf986a9dd163fb6f12b8acadc6bef36402623605cf22f9cdb2fcd5c02251508a5c883c20210c0daa80585388c6a1a4c8a916b58dd8e87704e1fd6b9f44ce7c87df3cfabc1af0937f8fd34495ddcfae344b119d4c481bb7c21f2a3560d4c55e07013efd0ffdc83079d599d1389f7a4649427cfd7378e522aa971844cf417ef454e73106f0eaf5fbde6cd88eca022f9b308673197046d59bd17b2211ec93ec153069f991e72010c4b7b87ef95aaa3d4c58216244fadc3175a11ac94a7f01b7949f9df56ce4ba4bd6faf581080535dc010e125e69cc4ca23204f5b645c4fb13fe3117fc11f57149777aa04e41a37212cc428c5e9d24a37920e9e021603347fc4fbd1e64e6f51b420b65b9391297644b7bde01700f292c6bacb78ac5eee9fa5cbe857683fbd8789233667c37e9d86d347c6c6389d555cbc412d31d63b76e08ae4b760c80f81ba33f1ed5cee374d0e9225b22c6ae94a1b60409a59fdf1b1e82346246eaa473a4962653ec9e1d51c31d29dcf3250e69ff5fca013430a6aa8aa52849f05c1a4a85ad217a52c42f187b21df4b2833931ecb4bc764742c0a569cf77f5b97cd21b1196e181d7351f9ae807726a7452b63e60fe7e147151de90ce92dee4332da76327cfc3b543f0d0e7f4a263b7d4c9b2a1eede7ae4be0d122d792cf450fb281c5a93310e33cefbf4740417c49bdcb37cba11586880981d875b30de0f89b17faf772190d94bf15340e15e06b9dc9d93ee019c8d4862018e126d28426c785823f86e2603b3f47aab480950d33f911e59a7c388c66fbe08dc5ec4478379b5d74333dbedbf06ad77a5eadbfc70c6380643a9df77c0885877e29cd2b5af41bbe3aba304b6505b2731c5e4b8de2dc759965a820a942c790f406e874de74146eb3397b622f8b0c6d75828c842e712b4af0f30711a8236d25255c5030cf5d499d662a642d5038bcde46f34870a0336ba6b3a6a86b6df93426da3d9e86598345d52ea8842872e3d7185b1dafef21ac63733785aed7eaab621fe5ec5752ddc0c81a90647ea21b09e2e38cb7b85fedd9c16b7596269a36ef08acb4b812d033d42d917a27c5c9b2c2254b40c100d1d05e4b2d51bd7a3ff24f4b8236d9df7f8d1798003d66cfabc4d313ab801599e92c086128d6")

23:33:29 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
getresgid(0x0, &(0x7f0000000400), 0x0)
pipe(&(0x7f00000001c0))
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000004c0)}], 0x1)
write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)={0x23, 0x6f, 0x1, {0x2, [{0x80, 0x2}, {0x2, 0x3}]}}, 0x23)
lseek(0xffffffffffffffff, 0x5, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
ftruncate(r2, 0x4000ff9)
open(&(0x7f0000000240)='./bus\x00', 0x105000, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)={0x1, 0x0, [{0x7, 0x0, 0x2}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0xc008ae88, 0x0)

23:33:29 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xc77a, 0x2, 0x0, 0x7fff, 0xb1})

[  868.816402] ==================================================================
[  868.816448] BUG: KASAN: use-after-free in con_shutdown+0x85/0x90
[  868.816459] Write of size 8 at addr ffff88805f6d2288 by task syz-executor.4/18100
[  868.816463] 
[  868.816480] CPU: 0 PID: 18100 Comm: syz-executor.4 Not tainted 4.19.95-syzkaller #0
[  868.816488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  868.816493] Call Trace:
[  868.816514]  dump_stack+0x197/0x210
[  868.816533]  ? con_shutdown+0x85/0x90
[  868.816554]  print_address_description.cold+0x7c/0x20d
[  868.816577]  ? con_shutdown+0x85/0x90
[  868.816592]  kasan_report.cold+0x8c/0x2ba
[  868.816608]  ? set_palette+0x1c0/0x1c0
[  868.816626]  __asan_report_store8_noabort+0x17/0x20
[  868.816641]  con_shutdown+0x85/0x90
[  868.816656]  release_tty+0xe4/0x4d0
[  868.816679]  tty_release_struct+0x3c/0x50
[  868.816693]  tty_release+0xbcb/0xe90
[  868.816716]  ? tty_release_struct+0x50/0x50
[  868.816732]  __fput+0x2dd/0x8b0
[  868.816755]  ____fput+0x16/0x20
[  868.816771]  task_work_run+0x145/0x1c0
[  868.816794]  exit_to_usermode_loop+0x273/0x2c0
[  868.816813]  do_syscall_64+0x53d/0x620
[  868.816832]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  868.816843] RIP: 0033:0x414ae1
[  868.816856] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  868.816863] RSP: 002b:00007ffd03471e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  868.816875] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000414ae1
[  868.816882] RDX: 0000001b31a20000 RSI: 0000000000000000 RDI: 0000000000000003
[  868.816891] RBP: 0000000000000001 R08: 0000000029a7918f R09: 0000000029a79193
[  868.816899] R10: 00007ffd03471f00 R11: 0000000000000293 R12: 000000000075bf20
[  868.816908] R13: 00000000000d41a2 R14: 00000000007601b8 R15: 000000000075bf2c
[  868.816927] 
[  868.816934] Allocated by task 18096:
[  868.816947]  save_stack+0x45/0xd0
[  868.816958]  kasan_kmalloc+0xce/0xf0
[  868.816971]  kmem_cache_alloc_trace+0x152/0x760
[  868.816985]  vc_allocate+0x1f5/0x760
[  868.816997]  con_install+0x52/0x410
[  868.817009]  tty_init_dev+0xf7/0x460
[  868.817020]  tty_open+0x4bf/0xb70
[  868.817031]  chrdev_open+0x245/0x6b0
[  868.817041]  do_dentry_open+0x4c3/0x1210
[  868.817051]  vfs_open+0xa0/0xd0
[  868.817062]  path_openat+0x10d7/0x45e0
[  868.817072]  do_filp_open+0x1a1/0x280
[  868.817083]  do_sys_open+0x3fe/0x550
[  868.817094]  __x64_sys_open+0x7e/0xc0
[  868.817107]  do_syscall_64+0xfd/0x620
[  868.817120]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  868.817123] 
[  868.817130] Freed by task 18106:
[  868.817143]  save_stack+0x45/0xd0
[  868.817156]  __kasan_slab_free+0x102/0x150
[  868.817169]  kasan_slab_free+0xe/0x10
[  868.817179]  kfree+0xcf/0x220
[  868.817191]  vt_disallocate_all+0x2bd/0x3e0
[  868.817201]  vt_ioctl+0xc38/0x2530
[  868.817212]  tty_ioctl+0x7f3/0x1510
[  868.817224]  do_vfs_ioctl+0xd5f/0x1380
[  868.817235]  ksys_ioctl+0xab/0xd0
[  868.817248]  __x64_sys_ioctl+0x73/0xb0
[  868.817261]  do_syscall_64+0xfd/0x620
[  868.817275]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  868.817278] 
[  868.817289] The buggy address belongs to the object at ffff88805f6d2180
[  868.817289]  which belongs to the cache kmalloc-2048 of size 2048
[  868.817300] The buggy address is located 264 bytes inside of
[  868.817300]  2048-byte region [ffff88805f6d2180, ffff88805f6d2980)
[  868.817305] The buggy address belongs to the page:
[  868.817317] page:ffffea00017db480 count:1 mapcount:0 mapping:ffff88812c31cc40 index:0x0 compound_mapcount: 0
[  868.817330] flags: 0xfffe0000008100(slab|head)
[  868.817348] raw: 00fffe0000008100 ffffea00017f2c88 ffffea00017f5588 ffff88812c31cc40
[  868.817362] raw: 0000000000000000 ffff88805f6d2180 0000000100000003 0000000000000000
[  868.817367] page dumped because: kasan: bad access detected
[  868.817370] 
[  868.817374] Memory state around the buggy address:
[  868.817384]  ffff88805f6d2180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  868.817395]  ffff88805f6d2200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  868.817405] >ffff88805f6d2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  868.817409]                       ^
[  868.817417]  ffff88805f6d2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  868.817426]  ffff88805f6d2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  868.817430] ==================================================================
[  868.817435] Disabling lock debugging due to kernel taint
[  868.817503] Kernel panic - not syncing: panic_on_warn set ...
[  868.817503] 
[  868.817516] CPU: 0 PID: 18100 Comm: syz-executor.4 Tainted: G    B             4.19.95-syzkaller #0
[  868.817523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  868.817526] Call Trace:
[  868.817541]  dump_stack+0x197/0x210
[  868.817557]  ? con_shutdown+0x85/0x90
[  868.817568]  panic+0x26a/0x50e
[  868.817578]  ? __warn_printk+0xf3/0xf3
[  868.817591]  ? con_shutdown+0x85/0x90
[  868.817617]  ? preempt_schedule+0x4b/0x60
[  868.817631]  ? ___preempt_schedule+0x16/0x18
[  868.817646]  ? trace_hardirqs_on+0x5e/0x220
[  868.817660]  ? con_shutdown+0x85/0x90
[  868.817678]  kasan_end_report+0x47/0x4f
[  868.817692]  kasan_report.cold+0xa9/0x2ba
[  868.817705]  ? set_palette+0x1c0/0x1c0
[  868.817720]  __asan_report_store8_noabort+0x17/0x20
[  868.817732]  con_shutdown+0x85/0x90
[  868.817744]  release_tty+0xe4/0x4d0
[  868.817758]  tty_release_struct+0x3c/0x50
[  868.817771]  tty_release+0xbcb/0xe90
[  868.817787]  ? tty_release_struct+0x50/0x50
[  868.817800]  __fput+0x2dd/0x8b0
[  868.817815]  ____fput+0x16/0x20
[  868.817827]  task_work_run+0x145/0x1c0
[  868.817842]  exit_to_usermode_loop+0x273/0x2c0
[  868.817856]  do_syscall_64+0x53d/0x620
[  868.817870]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  868.817877] RIP: 0033:0x414ae1
[  868.817889] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  868.817895] RSP: 002b:00007ffd03471e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  868.817905] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000414ae1
[  868.817912] RDX: 0000001b31a20000 RSI: 0000000000000000 RDI: 0000000000000003
[  868.817919] RBP: 0000000000000001 R08: 0000000029a7918f R09: 0000000029a79193
[  868.817926] R10: 00007ffd03471f00 R11: 0000000000000293 R12: 000000000075bf20
[  868.817932] R13: 00000000000d41a2 R14: 00000000007601b8 R15: 000000000075bf2c
[  868.819354] Kernel Offset: disabled
[  869.441602] Rebooting in 86400 seconds..