d4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:27:02 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000080)={0x0, 0x0, [0xc0000100, 0x0, 0x3, 0x2, 0x6e0]}) 01:27:02 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', 0x0, 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:02 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0) sendmmsg(r0, &(0x7f0000003500)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b40)="390284246ca1dc05ce4410a6ca80c1439fd609fdadaaa966d941", 0x1a}, {&(0x7f0000000100)="0977edcbda724e6fdbb1de6408f9228252515bd664f5f7b0ba660ed761f628bbe9ecc20d54af6f2258abc332e7134b1a26cb8be06844978cd607b08f154b8a134ffc2dc8a2509131ddb0fe8199de0f1eaf3c83e4435a39b1f8ceb602bbdb7d8c5440e401fc3739a597f6fe35be18608c61707ae554071e175374d460fbe62bd49029675fed41627e1826b813184647a7a16413385d1136a7f51d1227b02a808e64e5d09255d558edd446c1607ee6d170dce4", 0xb2}], 0x2}}], 0x1, 0x881) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x0, 0x0, 0x0) 01:27:02 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:02 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', 0x0, 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:03 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x118, 0x118, 0x6, [@union={0x0, 0x7, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}]}, @var, @struct={0x0, 0x8, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, @restrict, @func_proto, @ptr, @array]}, {0x0, [0x0, 0x0, 0x0, 0x0]}}, 0x0, 0x136}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:03 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0) sendmmsg(r0, &(0x7f0000003500)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b40)="390284246ca1dc05ce4410a6ca80c1439fd609fdadaaa966d941", 0x1a}, {&(0x7f0000000100)="0977edcbda724e6fdbb1de6408f9228252515bd664f5f7b0ba660ed761f628bbe9ecc20d54af6f2258abc332e7134b1a26cb8be06844978cd607b08f154b8a134ffc2dc8a2509131ddb0fe8199de0f1eaf3c83e4435a39b1f8ceb602bbdb7d8c5440e401fc3739a597f6fe35be18608c61707ae554071e175374d460fbe62bd49029675fed41627e1826b813184647a7a16413385d1136a7f51d1227b02a808e64e5d09255d558edd446c1607ee6d170dce4", 0xb2}], 0x2}}], 0x1, 0x881) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x0, 0x0, 0x0) 01:27:03 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:03 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:04 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:04 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', 0x0, 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:04 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000340), 0x0, 0x0) 01:27:04 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:04 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$key(0xf, 0x3, 0x2) sched_setattr(0x0, 0x0, 0x0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000000980), 0x10a9) r2 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x46000) lseek(r2, 0x4200, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000000), 0x10000}]) r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x8400fffffffb) sendfile(r1, r1, &(0x7f0000000100), 0x8080ffffff7e) 01:27:04 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) [ 740.342741][ T27] audit: type=1804 audit(1600651624.431:65): pid=18056 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/378/bus" dev="sda1" ino=16370 res=1 errno=0 01:27:04 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80008100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet6(0xa, 0x80003, 0x6e) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000e00)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x2c0, 0x280, 0x280, 0x0, 0x280, 0x390, 0x350, 0x350, 0x390, 0x382, 0x3, 0x0, {[{{@ipv6={@remote={0xfe, 0x80, [0x0, 0xf4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, @mcast2, [], [], 'veth1_to_bond\x00', 'netpci0\x00'}, 0x0, 0x250, 0x2c0, 0x0, {}, [@common=@inet=@hashlimit2={{0x150, 'hashlimit\x00'}, {'syzkaller1\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x1ab618fe, 0x800}}}, @common=@inet=@hashlimit1={{0x58, 'hashlimit\x00'}, {'syzkaller1\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "6f9af9b36fb048abaa303de86137fe234fd9dcb8889ace36894592455cb2b59b1ea7fe91e59fb2978f6fc3ede666a84d0f6a748acdf95f03c3555c84f5009700"}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x25) wait4(0xffffffffffffffff, 0x0, 0x0, 0x0) 01:27:04 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(0xffffffffffffffff, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:04 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:05 executing program 1: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffedf, &(0x7f0000000000)='/proc/\x00\x00s/sy\x00\xef\xffZ\xff\x00\x00\x00\x00\x00\x00\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000000100)=""/153, 0x6c5b5f1f386a312d) [ 741.000799][T18072] FAT-fs (loop5): bogus number of reserved sectors [ 741.007701][T18072] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 741.016941][T18072] FAT-fs (loop5): Can't find a valid FAT filesystem [ 741.024672][ T27] audit: type=1804 audit(1600651625.101:66): pid=18063 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/378/bus" dev="sda1" ino=16370 res=1 errno=0 01:27:05 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(0xffffffffffffffff, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) 01:27:05 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:05 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:05 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:05 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(0xffffffffffffffff, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x16001, 0x0) [ 741.874126][T18096] FAT-fs (loop5): bogus number of reserved sectors [ 741.881251][T18096] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 741.890922][T18096] FAT-fs (loop5): Can't find a valid FAT filesystem [ 741.905428][ T27] audit: type=1804 audit(1600651625.991:67): pid=18098 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/379/bus" dev="sda1" ino=16379 res=1 errno=0 01:27:06 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:06 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x16001, 0x0) 01:27:06 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xa, &(0x7f0000000300)="c4fe910c6786ce220000"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1f) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:06 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:06 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) [ 742.783738][T18106] FAT-fs (loop5): bogus number of reserved sectors [ 742.790770][T18106] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 742.800239][T18106] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:06 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x16001, 0x0) 01:27:07 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:27:07 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write(r0, &(0x7f0000000140)="04000000", 0x4) 01:27:07 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:07 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) [ 743.395968][ T27] audit: type=1804 audit(1600651627.481:68): pid=18127 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/380/bus" dev="sda1" ino=16365 res=1 errno=0 01:27:07 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x16001, 0x0) 01:27:08 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x16, &(0x7f0000000300)="c4fe910c6786ce22000000000000000300dd444e0735"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1f) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:08 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:08 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:08 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040), 0x0, 0x16001, 0x0) 01:27:08 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:27:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:08 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 01:27:08 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:08 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) [ 744.909964][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 744.929691][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 744.939810][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 01:27:09 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040), 0x0, 0x16001, 0x0) [ 745.115819][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 745.134772][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 745.144281][T18154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 745.275454][ T27] audit: type=1804 audit(1600651629.361:69): pid=18161 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/381/bus" dev="sda1" ino=15740 res=1 errno=0 01:27:09 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:09 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:27:09 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:09 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040), 0x0, 0x16001, 0x0) [ 745.874009][T18170] FAT-fs (loop5): bogus number of reserved sectors [ 745.880966][T18170] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 745.890387][T18170] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x20) 01:27:10 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 01:27:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:10 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:10 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:11 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x14, &(0x7f0000000300)="c4fe910c6786ce22000000000000000300dd444e"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1f) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:11 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 747.032794][T18187] FAT-fs (loop5): bogus number of reserved sectors [ 747.040034][T18187] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 747.049628][T18187] FAT-fs (loop5): Can't find a valid FAT filesystem [ 747.267187][ T27] audit: type=1804 audit(1600651631.351:70): pid=18195 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/382/bus" dev="sda1" ino=16380 res=1 errno=0 01:27:11 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:11 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x13, &(0x7f00000004c0)="5cf249b9740c8607445afd26b76af2f3c921bf"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:11 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:11 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 747.874918][T18201] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 748.105223][T18209] FAT-fs (loop5): bogus number of reserved sectors [ 748.112223][T18209] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 748.121618][T18209] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:12 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:27:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) 01:27:12 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:12 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{0x0}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) [ 748.542790][T18227] FAT-fs (loop5): bogus number of reserved sectors [ 748.549755][T18227] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 748.559176][T18227] FAT-fs (loop5): Can't find a valid FAT filesystem [ 748.681414][ T27] audit: type=1804 audit(1600651632.771:71): pid=18230 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/383/bus" dev="sda1" ino=15906 res=1 errno=0 01:27:12 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{0x0}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:12 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) [ 748.805077][T18222] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:27:13 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000480)=0x7fe, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0x7, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 749.164140][T18238] FAT-fs (loop5): bogus number of reserved sectors [ 749.171107][T18238] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 749.180615][T18238] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:13 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:13 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{0x0}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) [ 749.825361][T18249] FAT-fs (loop5): bogus number of reserved sectors [ 749.832845][T18249] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 749.842234][T18249] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:15 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x2, [@union, @union, @restrict, @restrict, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}, @array, @int]}}, 0x0, 0x86}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:15 executing program 3: getpid() r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r0, 0x0, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:27:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) 01:27:15 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x83, &(0x7f000059aff8)={r4}, &(0x7f00000001c0)=0x8) 01:27:15 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:15 executing program 4: futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xbffffffe) [ 751.139679][T18267] futex_wake_op: syz-executor.4 tries to shift op by -1; fix this program [ 751.172314][T18267] futex_wake_op: syz-executor.4 tries to shift op by -1; fix this program [ 751.236867][T18271] FAT-fs (loop5): bogus number of reserved sectors [ 751.243613][T18271] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 751.253134][T18271] FAT-fs (loop5): Can't find a valid FAT filesystem [ 751.295525][T18270] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 751.396294][ T27] audit: type=1804 audit(1600651635.481:72): pid=18274 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/384/bus" dev="sda1" ino=16243 res=1 errno=0 01:27:15 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000000)="1f5583090099c466459866d6d499b05357e238b5eae719fd6321452d791cc0576c8624862be80489a3d395fe86432d69e5cc27b7ffffff8f52e4be0721915e61ca9791d9daf85f62035412c00d4f3bafc8ee49eaed4ecb039c7c6138b7c754ff41c5d3cd1b6e0fe6ea2cd36efecfe2dd8b38b19f9ec1e7b23b2ede490fd56769cfa6c3a468eaff2fbfa55f5b8508e3589bb236a427", 0x95}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x1f, r0, 0x0, 0x0) 01:27:15 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, 0x0, &(0x7f00000001c0)) 01:27:15 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000200)=0xfffffff5, 0x48) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000200), 0x4) 01:27:15 executing program 3: getpid() r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r0, 0x0, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:27:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) [ 752.143554][T18298] FAT-fs (loop5): bogus number of reserved sectors [ 752.150392][T18298] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 752.160921][T18298] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:16 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, 0x0, &(0x7f00000001c0)) 01:27:16 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:16 executing program 3: getpid() r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r0, 0x0, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 752.623836][T18312] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 752.687847][T18318] FAT-fs (loop5): bogus number of reserved sectors [ 752.694635][T18318] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 752.704083][T18318] FAT-fs (loop5): Can't find a valid FAT filesystem [ 752.707936][ T27] audit: type=1804 audit(1600651636.782:73): pid=18317 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/385/bus" dev="sda1" ino=16381 res=1 errno=0 01:27:17 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, 0x0, &(0x7f00000001c0)) 01:27:17 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b6673", 0x7}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:17 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x1, 0x80, 0x400}, 0x3c) [ 753.401750][T18330] FAT-fs (loop5): bogus number of reserved sectors [ 753.408602][T18330] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 753.420214][T18330] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:18 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6) 01:27:18 executing program 3: getpid() socket$netlink(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:18 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8), &(0x7f00000001c0)=0x8) 01:27:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:18 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b6673", 0x7}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:18 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xa, &(0x7f00000004c0)="5cf249b9740c8607445a"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 755.114504][T18355] FAT-fs (loop5): bogus number of reserved sectors [ 755.123096][T18355] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 755.134523][T18355] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 01:27:19 executing program 3: getpid() socket$netlink(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:19 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8), &(0x7f00000001c0)=0x8) 01:27:19 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b6673", 0x7}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) [ 755.735844][T18378] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 755.897873][T18386] FAT-fs (loop5): bogus number of reserved sectors [ 755.904798][T18386] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 755.916174][T18386] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:20 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8), &(0x7f00000001c0)=0x8) 01:27:20 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) listen(r0, 0x0) 01:27:20 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661", 0xa}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:20 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, 0x0) [ 756.718447][T18396] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 756.902957][T18403] FAT-fs (loop5): bogus number of reserved sectors [ 756.909894][T18403] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 756.921326][T18403] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:21 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 757.592736][T18414] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:27:22 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x15}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) tkill(r0, 0x33) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001}, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:27:22 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661", 0xa}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x31, 0x0, 0x0) 01:27:22 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, 0x0) 01:27:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:22 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 758.240709][T18427] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 758.284397][T18430] FAT-fs (loop5): bogus number of reserved sectors [ 758.291301][T18430] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 758.302728][T18430] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:22 executing program 2: r0 = memfd_create(&(0x7f0000000200)='\x00\x83\xc5\xcb\xc7\x108\xa4\x03\x9c0T3\xc5\x97\x95\xb5\x8fM\xddU\x10\xaaod\x96\xeeM\xbe\x0e\xe4\xcc\xc4\xcf,\x9f7\xcc(Z\x13`\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00c\r\x14\xd8g\x02S -\xfd\xb5a\xedf|\xc4\xf9\xd2J\xadi\xcc[\\P\xa6F\x8c^\xc7i)d\x9f\xfckW\x86\xe4Qg1\xbdD\x1c\x13O\\\x7fS/\xc9d!\x19\"\x16\xfdC\tz\xf1\xf3q\xfd\'.\xb4\x14\x14m_&\x88\x8cfI\x18&\xea5\xa0\x00\xd2\xcd\xf0\xd5\x03\x9f\x18\x8d6\xc9,\xc9Y\xb8\xc9\xdd\xadp3\xbe\x93C\xa3b\x18\xe7\xcdx\x86aA\x9e\x83\aKc\xba\x05\x19\xb1\x9cJ\xce2\x9fW\xd3', 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x560) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = dup3(r1, r2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f0000000000)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @local}, 0x10) sendto$inet(r2, &(0x7f00003cef9f)='7', 0xffc1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x83, &(0x7f000059aff8)={r4}, 0x0) 01:27:22 executing program 4: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c90", 0x3}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:22 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661", 0xa}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:22 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast1, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x4}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 758.911911][T18449] FAT-fs (loop4): bogus number of reserved sectors [ 758.918863][T18449] FAT-fs (loop4): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 758.930268][T18449] FAT-fs (loop4): Can't find a valid FAT filesystem 01:27:23 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f000000b180)=[{{0x0, 0x0, &(0x7f0000002e00)=[{&(0x7f00000003c0)=""/155, 0x9b}], 0xffffffffffffffa}}], 0x1, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') preadv(r1, &(0x7f00000017c0), 0x1c1, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0) [ 759.071568][T18456] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 759.165452][T18449] FAT-fs (loop4): bogus number of reserved sectors [ 759.172575][T18449] FAT-fs (loop4): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 759.184030][T18449] FAT-fs (loop4): Can't find a valid FAT filesystem [ 759.207351][T18455] FAT-fs (loop5): bogus number of reserved sectors [ 759.214469][T18455] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 759.225863][T18455] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:23 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xfd, &(0x7f0000000240)="f7f249b9740c0764ca04f400befbf2f3c921bf3c0f339e57f4f21016a5b60a00088024c30e478947d190ac0000009038396bb68e4053cd0c42727a81b1af4915e96c43607a144f6543b6faf143e648fcbde4967033f51be252a22ea40c9422247185569bdffc58cff1685babdf5c77ac6c0ceb6e4d48ec30cd70a1a381611750c555848886f1e31994b058b3289760d441a0b9777c243bccd3ff8bfc59a323235d9e3bc4442f31a171b45bcfe35bc10298e76c298ef72b6e54366e2e553731707f8cb05543d77ebdc5610da0978c628327d790f3c23122538a5055877082de3a1f25b1c4f44a9b76f530024fdf3eef272e5e234bc440a0de0b6b2493b8"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 01:27:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:23 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:23 executing program 2: [ 760.180189][ T27] audit: type=1804 audit(1600651644.272:74): pid=18482 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/389/bus" dev="sda1" ino=16377 res=1 errno=0 [ 760.332069][T18488] FAT-fs (loop5): bogus number of reserved sectors [ 760.339301][T18488] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 760.350762][T18488] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:24 executing program 2: 01:27:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:25 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:25 executing program 2: [ 761.190335][T18495] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:27:25 executing program 1: [ 761.351655][T18503] FAT-fs (loop5): bogus number of reserved sectors [ 761.359742][T18503] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 761.371160][T18503] FAT-fs (loop5): Can't find a valid FAT filesystem [ 761.493332][ T27] audit: type=1804 audit(1600651645.582:75): pid=18506 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/390/bus" dev="sda1" ino=16366 res=1 errno=0 01:27:25 executing program 2: 01:27:27 executing program 4: 01:27:27 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:27 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000040)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 01:27:27 executing program 1: 01:27:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:27 executing program 2: [ 763.138657][T18528] FAT-fs (loop5): bogus number of reserved sectors [ 763.145434][T18528] FAT-fs (loop5): This looks like a DOS 1.x volume, but isn't a recognized floppy size (264192 sectors) [ 763.156842][T18528] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:27 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:27 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, 0x0) [ 763.306942][ T27] audit: type=1804 audit(1600651647.392:76): pid=18533 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/391/bus" dev="sda1" ino=16380 res=1 errno=0 01:27:27 executing program 2: 01:27:27 executing program 1: 01:27:27 executing program 4: 01:27:28 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:28 executing program 1: 01:27:28 executing program 2: 01:27:28 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, 0x0) 01:27:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:28 executing program 4: 01:27:28 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, 0x0) 01:27:28 executing program 3: getpid() openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:27:28 executing program 1: 01:27:28 executing program 2: [ 764.946055][ T27] audit: type=1804 audit(1600651649.032:77): pid=18556 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/392/bus" dev="sda1" ino=16364 res=1 errno=0 01:27:29 executing program 4: 01:27:29 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)) 01:27:29 executing program 2: 01:27:29 executing program 1: 01:27:29 executing program 3: getpid() openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 765.585219][T18569] FAT-fs (loop5): bogus number of reserved sectors [ 765.592524][T18569] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:29 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)) 01:27:30 executing program 4: 01:27:30 executing program 2: 01:27:30 executing program 3: getpid() openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:27:30 executing program 1: [ 766.290395][T18582] FAT-fs (loop5): bogus number of reserved sectors [ 766.297149][T18582] FAT-fs (loop5): Can't find a valid FAT filesystem [ 766.403638][ T27] audit: type=1804 audit(1600651650.493:78): pid=18584 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/393/bus" dev="sda1" ino=16380 res=1 errno=0 01:27:30 executing program 4: 01:27:30 executing program 2: 01:27:30 executing program 5: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="eb3c906d6b66732e6661740002", 0xd}], 0x0, &(0x7f0000000040)) 01:27:30 executing program 1: 01:27:31 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:31 executing program 4: 01:27:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:31 executing program 2: [ 767.096174][T18596] FAT-fs (loop5): bogus number of reserved sectors [ 767.102930][T18596] FAT-fs (loop5): Can't find a valid FAT filesystem 01:27:31 executing program 1: 01:27:31 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:31 executing program 5: [ 767.709098][ T27] audit: type=1804 audit(1600651651.803:79): pid=18610 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/394/bus" dev="sda1" ino=15739 res=1 errno=0 01:27:31 executing program 4: 01:27:31 executing program 2: 01:27:31 executing program 1: 01:27:32 executing program 4: 01:27:32 executing program 5: 01:27:32 executing program 2: 01:27:32 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:32 executing program 1: 01:27:32 executing program 4: 01:27:32 executing program 5: 01:27:32 executing program 2: 01:27:33 executing program 1: 01:27:33 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 769.108418][ T27] audit: type=1804 audit(1600651653.203:80): pid=18637 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/395/bus" dev="sda1" ino=16382 res=1 errno=0 01:27:33 executing program 5: 01:27:33 executing program 4: 01:27:33 executing program 2: 01:27:33 executing program 1: 01:27:33 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:34 executing program 4: 01:27:34 executing program 5: 01:27:34 executing program 1: 01:27:34 executing program 2: 01:27:34 executing program 4: 01:27:34 executing program 5: 01:27:34 executing program 2: 01:27:34 executing program 1: 01:27:34 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 770.602371][ T27] audit: type=1804 audit(1600651654.693:81): pid=18664 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/396/bus" dev="sda1" ino=15788 res=1 errno=0 01:27:35 executing program 4: 01:27:35 executing program 5: 01:27:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:35 executing program 1: 01:27:35 executing program 2: 01:27:35 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:35 executing program 5: 01:27:35 executing program 4: 01:27:35 executing program 1: 01:27:35 executing program 2: 01:27:35 executing program 5: 01:27:36 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:36 executing program 4: [ 771.983113][ T27] audit: type=1804 audit(1600651656.073:82): pid=18690 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/397/bus" dev="sda1" ino=15788 res=1 errno=0 01:27:36 executing program 1: 01:27:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:36 executing program 4: 01:27:36 executing program 5: 01:27:36 executing program 2: 01:27:36 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:36 executing program 1: 01:27:37 executing program 5: 01:27:37 executing program 4: 01:27:37 executing program 2: 01:27:37 executing program 1: 01:27:37 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 773.460125][ T27] audit: type=1804 audit(1600651657.553:83): pid=18717 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/398/bus" dev="sda1" ino=15802 res=1 errno=0 01:27:37 executing program 5: 01:27:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:38 executing program 2: 01:27:38 executing program 4: 01:27:38 executing program 1: 01:27:38 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:38 executing program 5: 01:27:38 executing program 1: 01:27:38 executing program 2: 01:27:38 executing program 4: 01:27:38 executing program 5: 01:27:38 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 774.902850][ T27] audit: type=1804 audit(1600651658.993:84): pid=18746 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/399/bus" dev="sda1" ino=15818 res=1 errno=0 01:27:39 executing program 2: 01:27:39 executing program 4: 01:27:39 executing program 1: 01:27:39 executing program 5: 01:27:39 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:27:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:39 executing program 2: [ 775.892980][T18764] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:27:40 executing program 2: 01:27:40 executing program 5: 01:27:40 executing program 1: 01:27:40 executing program 4: 01:27:40 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 776.285564][ T27] audit: type=1804 audit(1600651660.373:85): pid=18774 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/400/bus" dev="sda1" ino=15805 res=1 errno=0 01:27:40 executing program 2: 01:27:40 executing program 5: [ 776.627311][T18780] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:27:40 executing program 1: 01:27:40 executing program 4: 01:27:41 executing program 3: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:27:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:41 executing program 2: 01:27:41 executing program 5: 01:27:41 executing program 4: 01:27:41 executing program 1: 01:27:41 executing program 2: [ 777.437335][T18793] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 777.713026][ T27] audit: type=1804 audit(1600651661.803:86): pid=18802 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/401/bus" dev="sda1" ino=16370 res=1 errno=0 01:27:41 executing program 3: 01:27:42 executing program 4: 01:27:42 executing program 5: 01:27:42 executing program 1: 01:27:42 executing program 2: 01:27:42 executing program 3: 01:27:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:42 executing program 4: 01:27:42 executing program 5: 01:27:42 executing program 1: 01:27:42 executing program 2: 01:27:42 executing program 3: 01:27:43 executing program 5: 01:27:43 executing program 4: 01:27:43 executing program 1: [ 779.147301][ T27] audit: type=1804 audit(1600651663.244:87): pid=18820 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/402/bus" dev="sda1" ino=15805 res=1 errno=0 01:27:43 executing program 2: 01:27:43 executing program 3: 01:27:43 executing program 5: 01:27:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:44 executing program 4: 01:27:44 executing program 1: 01:27:44 executing program 2: 01:27:44 executing program 3: 01:27:44 executing program 5: 01:27:44 executing program 4: 01:27:44 executing program 1: 01:27:44 executing program 2: [ 780.539201][ T27] audit: type=1804 audit(1600651664.634:88): pid=18838 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/403/bus" dev="sda1" ino=15795 res=1 errno=0 01:27:44 executing program 3: 01:27:45 executing program 5: 01:27:45 executing program 1: 01:27:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:45 executing program 4: 01:27:45 executing program 2: 01:27:45 executing program 3: 01:27:45 executing program 5: 01:27:45 executing program 1: 01:27:45 executing program 4: 01:27:45 executing program 3: 01:27:45 executing program 2: [ 781.895095][ T27] audit: type=1804 audit(1600651665.984:89): pid=18857 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/404/bus" dev="sda1" ino=15923 res=1 errno=0 01:27:46 executing program 1: 01:27:46 executing program 5: 01:27:46 executing program 3: 01:27:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:46 executing program 4: 01:27:46 executing program 2: 01:27:46 executing program 1: 01:27:47 executing program 3: 01:27:47 executing program 1: 01:27:47 executing program 4: [ 783.397307][ T27] audit: type=1804 audit(1600651667.494:90): pid=18874 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/405/bus" dev="sda1" ino=15845 res=1 errno=0 01:27:47 executing program 5: 01:27:47 executing program 2: 01:27:48 executing program 3: 01:27:48 executing program 1: 01:27:48 executing program 4: 01:27:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:48 executing program 2: 01:27:48 executing program 5: 01:27:48 executing program 3: 01:27:48 executing program 1: 01:27:48 executing program 5: 01:27:48 executing program 4: 01:27:48 executing program 2: [ 784.880714][ T27] audit: type=1804 audit(1600651668.974:91): pid=18891 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/406/bus" dev="sda1" ino=15845 res=1 errno=0 01:27:49 executing program 3: 01:27:49 executing program 1: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='children\x00') r1 = socket(0x10, 0x803, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0x1, 0x7fff) 01:27:49 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x7608) 01:27:49 executing program 5: r0 = socket(0x1000000010, 0x80002, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="000000000000e4ff280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001400)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x4}}, [@filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8}]}}]}, 0x40}}, 0x0) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$alg(r0, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 01:27:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:49 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_writev(r0, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1fe, 0x0) 01:27:49 executing program 3: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) getpgid(0x0) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f00000003c0)}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0xc6}], 0x1}}], 0x2, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 785.800545][T18905] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 01:27:50 executing program 4: 01:27:50 executing program 1: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) r4 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) open(0x0, 0x141042, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) [ 786.557659][ T27] audit: type=1804 audit(1600651670.654:92): pid=18922 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/407/bus" dev="sda1" ino=16382 res=1 errno=0 [ 786.613354][T18905] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 01:27:51 executing program 5: r0 = socket(0x1000000010, 0x80002, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="000000000000e4ff280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001400)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x4}}, [@filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8}]}}]}, 0x40}}, 0x0) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$alg(r0, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 01:27:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000180)="0fae0dd0ee0f005a850f91d4360f0ff3b63ef0fe4e00660fe30a66b891d7e4700f23c00f21f8663503000a000f23f82e0f1c570f0f30", 0x36}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x83, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xdc}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r3 = socket(0x2a, 0x2, 0x2) ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0404309, &(0x7f0000000340)=0x7d97c050) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x2, 0x0, r3, 0x0, &(0x7f0000000240)=@ipx}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 01:27:51 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 01:27:51 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662") [ 787.499398][T18934] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. [ 788.183250][ T27] audit: type=1804 audit(1600651672.274:93): pid=18961 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/408/bus" dev="sda1" ino=16379 res=1 errno=0 01:27:52 executing program 4: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 01:27:52 executing program 5: sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000002600290800000000000000000400000008000c00"], 0x30}, 0x1, 0xffffff7f0e000000}, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000040)={0x0, 0x0, [], @raw_data=[0x9, 0xffffffff, 0x0, 0x8005, 0x474e, 0x0, 0xfff, 0x1, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x2d, 0xfffffffc, 0xfffffbff, 0x1, 0x4, 0x0, 0x0, 0x7ff, 0x6b7, 0x1, 0x0, 0x5c2, 0x0, 0x0, 0x6, 0x5, 0x9, 0x422c, 0xffff]}) 01:27:52 executing program 3: clone(0x1808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = memfd_create(&(0x7f0000000000)='sE\xd1\xc6\xff\x9b\xfe\x1cXmd5sum$\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x278, 0x128, 0x0, 0x148, 0x128, 0x148, 0x1e0, 0x240, 0x240, 0x1e0, 0x240, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0xd72495441b5cd3f3}}, @common=@unspec=@rateest={{0x68, 'rateest\x00'}, {'geneve0\x00', 'bridge_slave_0\x00'}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00'}}, {{@uncond, 0x0, 0x90, 0xb8, 0x0, {}, [@common=@socket0={{0x20, 'socket\x00'}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8) 01:27:52 executing program 2: openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1f1) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) pipe(0x0) syz_genetlink_get_family_id$tipc2(0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000840)=[0x0, 0x0], &(0x7f0000000800)=[&(0x7f0000000200)=',+^\x00', &(0x7f0000000540)='1\x92\xc6\x95\xec\x10B=\xed\xb1\x1a\xee\xca5*\xd9\xc8GDG\xe2]\x8d\x8b\x01L\xe3\v5\xe4\xbb@\xd3#\x05]RA\x99\xff\xb5S\xe6\x10n\xf0T\x7f\xd9R\xd4\xaa\xd5\x85\x13Nuv\x15Cn\x8br\xb7vv\xa3\xfe\xc7S?\xfc\x01=G\xe7\xaa', &(0x7f0000000680)='&\'[[\x00']) ptrace$setopts(0x4206, r0, 0x0, 0x0) 01:27:52 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662") 01:27:52 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)='\\') 01:27:53 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = io_uring_setup(0x196, &(0x7f0000000040)) tkill(0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000002c0)=[0xffffffffffffffff], 0x2e2) 01:27:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x87, &(0x7f00000013c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r3}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) 01:27:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:53 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x100000000001, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) [ 789.668911][ T27] audit: type=1804 audit(1600651673.764:94): pid=19008 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/409/bus" dev="sda1" ino=16305 res=1 errno=0 01:27:53 executing program 1: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 01:27:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000180)="0fae0dd0ee0f005a850f91d4360f0ff3b63ef0fe4e00660fe30a66b891d7e4700f23c00f21f8663503000a000f23f82e0f1c570f0f30", 0x36}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:27:54 executing program 2: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x420e, r0, 0x0, 0x0) 01:27:54 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x87, &(0x7f00000013c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r3}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) 01:27:54 executing program 3: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0xc01, 0x3, 0x2d8, 0x128, 0x5002004a, 0x0, 0x0, 0x0, 0x240, 0x3c8, 0x3c8, 0x240, 0x3c8, 0x3, 0x0, {[{{@ip={@empty, @remote, 0x0, 0x0, 'bridge_slave_1\x00', 'bond_slave_1\x00'}, 0x0, 0xc0, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x0, 0xb8, 0x118, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x3}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x2}}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x338) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) wait4(0x0, 0x0, 0x0, 0x0) 01:27:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:54 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x32}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 01:27:54 executing program 1: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 01:27:55 executing program 5: r0 = getpid() socket$netlink(0x10, 0x3, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 791.169350][ T27] audit: type=1804 audit(1600651675.264:95): pid=19059 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/410/bus" dev="sda1" ino=16381 res=1 errno=0 01:27:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x87, &(0x7f00000013c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r3}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) 01:27:55 executing program 2: r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x15, 0x0, 0x0) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000280)={0x0, 0x0}) ptrace$pokeuser(0x6, r1, 0x0, 0x8) clone(0x210200077c, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='overlay\x00', 0x0, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sync() sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) 01:27:55 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) clone3(&(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 791.907061][T19076] overlayfs: missing 'lowerdir' [ 792.060400][T19083] overlayfs: missing 'lowerdir' 01:27:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:27:56 executing program 2: clone(0x1808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000000)='sE\xd1\xc6\xff\x9b\xfe\x1cXmd5sum$\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x278, 0x128, 0x0, 0x148, 0x128, 0x148, 0x1e0, 0x240, 0x240, 0x1e0, 0x240, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0xd72495441b5cd3f3}}, @common=@unspec=@rateest={{0x68, 'rateest\x00'}, {'geneve0\x00', 'bridge_slave_0\x00'}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00'}}, {{@uncond, 0x0, 0x90, 0xb8, 0x0, {}, [@common=@socket0={{0x20, 'socket\x00'}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8) 01:27:56 executing program 4: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) ioctl$SNDCTL_MIDI_PRETIME(r0, 0xc0046d00, &(0x7f0000000080)) 01:27:56 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='cubic\x00', 0x6) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002) 01:27:57 executing program 2: syz_mount_image$tmpfs(&(0x7f0000001500)='tmpfs\x00', &(0x7f0000001540)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) syz_mount_image$tmpfs(&(0x7f0000000040)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x80020, &(0x7f0000000140)={[{@nr_blocks={'nr_blocks', 0x3d, [0x74]}}]}) [ 793.258713][ T27] audit: type=1804 audit(1600651677.355:96): pid=19111 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/411/bus" dev="sda1" ino=15972 res=1 errno=0 01:27:57 executing program 4: r0 = shmget(0x2, 0x1000, 0x78001a81, &(0x7f0000ffa000/0x1000)=nil) shmctl$IPC_RMID(r0, 0x0) 01:27:57 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000001500)='/dev/snd/seq\x00', 0xeea42) 01:27:57 executing program 1: bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000140)=0xffffffff, 0x4) connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0xffffffff, 0x4) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x0) [ 795.042181][T19126] not chained 10000 origins [ 795.046728][T19126] CPU: 1 PID: 19126 Comm: syz-executor.1 Not tainted 5.9.0-rc4-syzkaller #0 [ 795.055402][T19126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.065462][T19126] Call Trace: [ 795.068873][T19126] dump_stack+0x21c/0x280 [ 795.073294][T19126] kmsan_internal_chain_origin+0x6f/0x130 [ 795.079054][T19126] ? ip_do_fragment+0x3b50/0x3b50 [ 795.084112][T19126] ? kmsan_get_metadata+0x116/0x180 [ 795.089321][T19126] ? kmsan_set_origin_checked+0x95/0xf0 [ 795.094879][T19126] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 795.101017][T19126] ? _copy_from_user+0x201/0x310 [ 795.105972][T19126] ? kmsan_get_metadata+0x116/0x180 [ 795.111188][T19126] __msan_chain_origin+0x50/0x90 [ 795.116186][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.121318][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.126331][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.131039][T19126] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 795.136941][T19126] ? __msan_poison_alloca+0xf0/0x120 [ 795.142279][T19126] ? ktime_get_ts64+0x79f/0x8d0 [ 795.147172][T19126] ? kmsan_copy_to_user+0x81/0x90 [ 795.152201][T19126] ? _copy_to_user+0x1bf/0x260 [ 795.156996][T19126] ? kmsan_get_metadata+0x116/0x180 [ 795.162208][T19126] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 795.168026][T19126] ? kmsan_get_metadata+0x116/0x180 [ 795.173241][T19126] ? kmsan_get_metadata+0x116/0x180 [ 795.178447][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.183835][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.189465][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.194677][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.199540][T19126] do_SYSENTER_32+0x73/0x90 [ 795.204111][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.210468][T19126] RIP: 0023:0xf7fe1549 [ 795.214541][T19126] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 795.234150][T19126] RSP: 002b:00000000f55ba0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 795.242639][T19126] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020007fc0 [ 795.250620][T19126] RDX: 00000000000001a8 RSI: 0000000000000000 RDI: 0000000000000000 [ 795.258599][T19126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 795.266577][T19126] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 795.274559][T19126] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 795.282543][T19126] Uninit was stored to memory at: [ 795.287585][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.293314][T19126] __msan_chain_origin+0x50/0x90 [ 795.298322][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.303434][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.308373][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.313051][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.318428][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.323990][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.329193][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.334050][T19126] do_SYSENTER_32+0x73/0x90 [ 795.338558][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.344873][T19126] [ 795.347202][T19126] Uninit was stored to memory at: [ 795.352238][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.357969][T19126] __msan_chain_origin+0x50/0x90 [ 795.362922][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.368044][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.372993][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.377673][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.383054][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.388614][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.393822][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.398678][T19126] do_SYSENTER_32+0x73/0x90 [ 795.403184][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.409498][T19126] [ 795.411822][T19126] Uninit was stored to memory at: [ 795.416853][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.422577][T19126] __msan_chain_origin+0x50/0x90 [ 795.427518][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.432636][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.437582][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.442269][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.447646][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.453195][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.458401][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.463264][T19126] do_SYSENTER_32+0x73/0x90 [ 795.467783][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.474100][T19126] [ 795.476423][T19126] Uninit was stored to memory at: [ 795.481459][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.487186][T19126] __msan_chain_origin+0x50/0x90 [ 795.492131][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.497246][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.502194][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.506877][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.512252][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.517808][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.523012][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.527868][T19126] do_SYSENTER_32+0x73/0x90 [ 795.532463][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.538781][T19126] [ 795.541104][T19126] Uninit was stored to memory at: [ 795.546139][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.551980][T19126] __msan_chain_origin+0x50/0x90 [ 795.556921][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.562037][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.566984][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.571661][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.577037][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.582590][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.587790][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.592651][T19126] do_SYSENTER_32+0x73/0x90 [ 795.597159][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.603569][T19126] [ 795.605895][T19126] Uninit was stored to memory at: [ 795.610933][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.616665][T19126] __msan_chain_origin+0x50/0x90 [ 795.621605][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.626722][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.631839][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.636656][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.642034][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.647585][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.652789][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.657645][T19126] do_SYSENTER_32+0x73/0x90 [ 795.662156][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.668472][T19126] [ 795.670801][T19126] Uninit was stored to memory at: [ 795.675838][T19126] kmsan_internal_chain_origin+0xad/0x130 [ 795.681749][T19126] __msan_chain_origin+0x50/0x90 [ 795.686691][T19126] __get_compat_msghdr+0x6db/0x9d0 [ 795.691806][T19126] get_compat_msghdr+0x108/0x2b0 [ 795.696748][T19126] __sys_sendmmsg+0x755/0xf70 [ 795.701426][T19126] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 795.706803][T19126] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 795.712361][T19126] __do_fast_syscall_32+0x129/0x180 [ 795.717569][T19126] do_fast_syscall_32+0x6a/0xc0 [ 795.722428][T19126] do_SYSENTER_32+0x73/0x90 [ 795.726942][T19126] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.733259][T19126] [ 795.735583][T19126] Local variable ----msg_sys@__sys_sendmmsg created at: [ 795.742520][T19126] __sys_sendmmsg+0xbb/0xf70 [ 795.747113][T19126] __sys_sendmmsg+0xbb/0xf70 01:28:00 executing program 5: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0x1c7f65}], 0x1}}], 0x240, 0x0, 0x0) 01:28:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:28:00 executing program 2: socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'macvlan1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400000000ec00000000000000", @ANYRES32, @ANYBLOB="00000000000000001c0012000b00010062726964676500000c0002000500070005"], 0x3c}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000001000010400"/20, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32], 0x28}}, 0x0) 01:28:00 executing program 4: mkdir(&(0x7f0000000180)='./bus\x00', 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@index_on='index=on'}], [], 0x2c}) 01:28:00 executing program 3: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0xfffffec6) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x3) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 796.306076][T19139] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 796.315211][T19139] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 796.323757][T19139] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 796.400779][T19141] bridge3: port 1(macvlan1) entered blocking state [ 796.407923][T19141] bridge3: port 1(macvlan1) entered disabled state [ 796.512946][ T27] audit: type=1804 audit(1600651680.605:97): pid=19151 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/412/bus" dev="sda1" ino=16129 res=1 errno=0 01:28:00 executing program 4: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0x1c7f65}], 0x1}}], 0x2, 0x700, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 01:28:00 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDCTL_MIDI_PRETIME(r0, 0x8004510a, &(0x7f0000000080)) 01:28:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:28:01 executing program 2: r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0xf, 0x0, &(0x7f0000000200)) 01:28:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x200000ee) getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x29, 0x0, &(0x7f0000000080)) 01:28:01 executing program 1: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) [ 798.190353][ T27] audit: type=1804 audit(1600651682.285:98): pid=19172 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/413/bus" dev="sda1" ino=15880 res=1 errno=0 01:28:02 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000140)=ANY=[@ANYRESOCT], 0x1f) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe) r3 = socket(0x2, 0x803, 0xff) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) r4 = dup(r3) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000000)) r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000300)}) sendfile(r4, r5, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) r6 = dup(0xffffffffffffffff) write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000100)=ANY=[@ANYBLOB="0700000000000eb64f55468d66c6dabde8582ec90176a519f157802bd6061f0c1ee9a068b896f64819396304d8826322f19be300000000000002498d8c423fe52fb121569fb4a558df"]) ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0d05604, &(0x7f0000000200)={0x2, @vbi={0xd80b, 0x8, 0x80000001, 0x30385056, [0x1000, 0x80000000], [0x0, 0x6], 0x1}}) 01:28:03 executing program 4: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0x1c7f65}], 0x1}}], 0x2, 0x700, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) [ 799.651190][ T27] audit: type=1804 audit(1600651683.635:99): pid=19188 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/391/bus" dev="sda1" ino=15899 res=1 errno=0 [ 799.875799][ T27] audit: type=1804 audit(1600651683.795:100): pid=19190 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/391/bus" dev="sda1" ino=15899 res=1 errno=0 [ 799.901289][ T27] audit: type=1804 audit(1600651683.915:101): pid=19187 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/391/bus" dev="sda1" ino=15899 res=1 errno=0 [ 799.930831][ T27] audit: type=1804 audit(1600651683.915:102): pid=19188 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/391/bus" dev="sda1" ino=15899 res=1 errno=0 01:28:04 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0) 01:28:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100), 0x8080ffffff7e) 01:28:04 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f00000001c0)={r0, 0x20, 0x80000000, 0x6}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000140)='trusted.overlay.redirect\x00', &(0x7f0000000180)='./file0\x00', 0x8, 0x3) 01:28:04 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x8, 0x6, 0x401, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 01:28:04 executing program 5: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) 01:28:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:04 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000140)=ANY=[@ANYRESOCT], 0x1f) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe) r3 = socket(0x2, 0x803, 0xff) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) r4 = dup(r3) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000000)) r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000300)}) sendfile(r4, r5, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) r6 = dup(0xffffffffffffffff) write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000100)=ANY=[@ANYBLOB]) ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0d05604, &(0x7f0000000200)={0x2, @vbi={0xd80b, 0x8, 0x80000001, 0x30385056, [0x1000, 0x80000000], [0x0, 0x6], 0x1}}) [ 800.700479][ T27] audit: type=1804 audit(1600651684.795:103): pid=19205 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/414/bus" dev="sda1" ino=15880 res=1 errno=0 01:28:05 executing program 5: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0xdff65}], 0x1}}], 0x2, 0x0, 0x0) 01:28:05 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x4, 0x1, 0x201}, 0x14}}, 0x0) [ 801.311275][ T27] audit: type=1804 audit(1600651685.405:104): pid=19231 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/393/bus" dev="sda1" ino=15895 res=1 errno=0 01:28:05 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0xc2002, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x80) write$dsp(r0, &(0x7f0000000080)='!', 0xffffffd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)) [ 801.513484][ T27] audit: type=1804 audit(1600651685.465:105): pid=19233 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/393/bus" dev="sda1" ino=15895 res=1 errno=0 01:28:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100), 0x8080ffffff7e) [ 801.975617][ T27] audit: type=1804 audit(1600651686.075:106): pid=19231 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/393/bus" dev="sda1" ino=15895 res=1 errno=0 [ 802.162281][ T27] audit: type=1804 audit(1600651686.125:107): pid=19233 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir803979051/syzkaller.PaYpzJ/393/bus" dev="sda1" ino=15895 res=1 errno=0 01:28:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 802.810110][ T27] audit: type=1804 audit(1600651686.905:108): pid=19253 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/415/bus" dev="sda1" ino=15903 res=1 errno=0 01:28:06 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000140)=ANY=[@ANYRESOCT], 0x1f) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) r3 = dup(r2) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000000)) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB="0700000000000eb64f55468d66c6da"]) ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, 0x0) 01:28:07 executing program 1: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0x1c7f65}], 0x1}}], 0x2, 0x700, 0x0) 01:28:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:07 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0xc2002, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x80) write$dsp(r0, &(0x7f0000000080)='!', 0xffffffd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)) 01:28:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 803.494842][ T27] audit: type=1804 audit(1600651687.585:109): pid=19283 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir524610839/syzkaller.mK2iNZ/90/bus" dev="sda1" ino=15916 res=1 errno=0 01:28:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100), 0x8080ffffff7e) [ 803.670379][ T27] audit: type=1804 audit(1600651687.655:110): pid=19284 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir524610839/syzkaller.mK2iNZ/90/bus" dev="sda1" ino=15916 res=1 errno=0 [ 803.695595][ T27] audit: type=1804 audit(1600651687.705:111): pid=19282 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir524610839/syzkaller.mK2iNZ/90/bus" dev="sda1" ino=15916 res=1 errno=0 01:28:07 executing program 5: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) syz_open_dev$vcsa(0x0, 0x91, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r1 = getpgid(0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f00000003c0)}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0xc6}], 0x1}}], 0x2, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 01:28:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 805.014215][ T27] audit: type=1804 audit(1600651688.815:112): pid=19317 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/416/bus" dev="sda1" ino=16306 res=1 errno=0 [ 805.040848][ T27] audit: type=1800 audit(1600651689.075:113): pid=19317 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=16306 res=0 errno=0 01:28:09 executing program 1: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) write$P9_RGETATTR(r1, &(0x7f0000000180)={0xa0}, 0xa0) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) 01:28:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:28:09 executing program 5: r0 = socket(0x10, 0x80002, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000010c0)={'team_slave_1\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='$']}) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x1, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000010c0)={'team_slave_1\x00', &(0x7f0000001000)=@ethtool_flash={0x24, 0x4, ',\x11\xbcL\x87_\xd8\xbcd\xbb\t&7*B\f%\x11\xcbt\x99\x02.g\x7fX\xe1\"\xe3F\x7f\x99\xc4}`]\x8bK\xb3L\x06*-\x99\x17\xb4\xc9\bk\xe8\xddL\xdcXg\xfb[\xbbm\xa5\xb82,\x06\x93E}\xeanz\x9eH\xf5&?/u\xa6\xc8\x83\x8d\xe3&_\r\xdd\xd6j\xf2n)(\xf3\xc6\xce\x8e\x82\xcd\xacX\xfdEG\xf8\xae31\x8aK\x83\xf5\x96\'\xbd\xb4\x89\x12=\xf4\xda\xc2\x02\x03#\xf6\x9a\xc6a'}}) 01:28:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) [ 806.082982][ T27] audit: type=1804 audit(1600651690.175:114): pid=19345 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/417/bus" dev="sda1" ino=15930 res=1 errno=0 01:28:10 executing program 1: socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xe) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0xfffffffffffffffe) r1 = accept4(r0, 0x0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000300)=ANY=[], 0xff42) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) socket$inet6(0xa, 0x80000, 0x3) ftruncate(0xffffffffffffffff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000000)) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003e80), 0x0, 0x0) 01:28:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) 01:28:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0xc2002, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x80) write$dsp(r0, &(0x7f0000000080)='!', 0xffffffd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)) 01:28:10 executing program 5: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x324, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) 01:28:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, &(0x7f0000000100), 0x8080ffffff7e) 01:28:11 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32=r6, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 01:28:11 executing program 5: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r4) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCXONC(r5, 0x540a, 0x3) ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f00000001c0)={{r5}, 0xa, &(0x7f0000000140)=[0x3f, 0x4, 0x7f, 0x1, 0x2, 0x1, 0x101, 0x80000000, 0x7ff, 0x1], 0x550, 0x6, [0x4, 0x100000000, 0x2, 0xffffffff]}) r6 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) socket$netlink(0x10, 0x3, 0xc) sendfile(r2, 0xffffffffffffffff, 0x0, 0x800) dup(r2) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0) 01:28:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) 01:28:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r6, 0x0, r6) [ 807.909466][ T27] audit: type=1800 audit(1600651692.006:115): pid=19392 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15798 res=0 errno=0 [ 808.063442][ T27] audit: type=1804 audit(1600651692.046:116): pid=19394 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir524610839/syzkaller.mK2iNZ/94/file0" dev="sda1" ino=15798 res=1 errno=0 01:28:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r6, 0x0, r6) [ 808.564394][ T27] audit: type=1804 audit(1600651692.666:117): pid=19423 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/418/bus" dev="sda1" ino=16379 res=1 errno=0 01:28:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) 01:28:12 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 01:28:13 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r3, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(r3, r3, &(0x7f0000000100), 0x8080ffffff7e) [ 809.372284][T19444] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 809.380656][T19444] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 809.480923][T19444] F2FS-fs (loop5): invalid crc_offset: 0 01:28:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r6, 0x0, r6) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:13 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0xc2002, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x80) write$dsp(r0, &(0x7f0000000080)='!', 0xffffffd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)) 01:28:13 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32=r6, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) [ 809.750503][ T27] audit: type=1804 audit(1600651693.846:118): pid=19452 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/419/bus" dev="sda1" ino=15686 res=1 errno=0 01:28:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) [ 810.345620][T19444] F2FS-fs (loop5): Failed to read root inode 01:28:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r3, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(r3, r3, &(0x7f0000000100), 0x8080ffffff7e) 01:28:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:15 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 01:28:15 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32=r6, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) [ 812.076109][ T27] audit: type=1804 audit(1600651696.176:119): pid=19488 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/420/bus" dev="sda1" ino=15950 res=1 errno=0 [ 812.239946][T19502] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 812.248165][T19502] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 812.260722][T19502] F2FS-fs (loop5): invalid crc_offset: 0 01:28:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 812.717907][T19502] F2FS-fs (loop5): Failed to read root inode 01:28:17 executing program 3: setuid(0xee01) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x0, 0x0) 01:28:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) 01:28:17 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 01:28:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:17 executing program 3: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000000)={0x50, 0x0, r1}, 0x50) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) read$FUSE(r0, &(0x7f0000008680)={0x2020}, 0x2020) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0x0, 0x0}) sendmmsg(r3, &(0x7f0000008600)=[{{0x0, 0x7f}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0/../file0/file0\x00'}, 0x32, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) [ 813.775430][T19542] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 813.783736][T19542] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 813.873197][T19542] F2FS-fs (loop5): invalid crc_offset: 0 [ 813.893260][ T27] audit: type=1804 audit(1600651697.986:120): pid=19550 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/421/bus" dev="sda1" ino=15904 res=1 errno=0 01:28:18 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32=r6, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 01:28:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 814.438267][T19542] F2FS-fs (loop5): Failed to read root inode [ 814.503564][T19565] fuse: Bad value for 'fd' 01:28:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) 01:28:19 executing program 3: socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1404}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 01:28:19 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32=r6, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:19 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 01:28:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 815.570141][ T27] audit: type=1804 audit(1600651699.666:121): pid=19596 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/422/bus" dev="sda1" ino=16371 res=1 errno=0 [ 815.973821][T19623] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 815.982159][T19623] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:20 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 816.182993][T19623] F2FS-fs (loop5): invalid crc_offset: 0 01:28:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) 01:28:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 816.938757][T19623] F2FS-fs (loop5): Failed to read root inode 01:28:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 817.340435][ T27] audit: type=1804 audit(1600651701.436:122): pid=19659 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/423/bus" dev="sda1" ino=16374 res=1 errno=0 01:28:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:22 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) [ 818.693619][T19688] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 818.701547][T19688] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 818.768709][T19688] F2FS-fs (loop5): invalid crc_offset: 0 [ 818.985980][T19688] F2FS-fs (loop5): Failed to read root inode 01:28:23 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r1) syz_mount_image$msdos(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x0) 01:28:23 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) 01:28:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:23 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 819.449984][ T27] audit: type=1804 audit(1600651703.546:123): pid=19720 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/424/bus" dev="sda1" ino=15977 res=1 errno=0 01:28:23 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@ipv4={[], [], @dev}, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010101, 0x10000, 0x32}, 0x0, @in6=@loopback, 0x2000, 0x0, 0x1, 0xb7, 0x1fd}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 01:28:23 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) socket$inet_icmp_raw(0x2, 0x3, 0x1) 01:28:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:24 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 820.322744][T11929] Bluetooth: hci3: command 0x0406 tx timeout [ 820.354446][T19730] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 820.362707][T19730] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 820.591611][T19730] F2FS-fs (loop5): invalid crc_offset: 0 01:28:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) [ 820.824892][T19730] F2FS-fs (loop5): Failed to read root inode 01:28:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:25 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 821.620588][ T27] audit: type=1804 audit(1600651705.716:124): pid=19780 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/425/bus" dev="sda1" ino=16381 res=1 errno=0 01:28:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:25 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 822.252774][T19797] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 822.260666][T19797] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 822.301727][T19797] F2FS-fs (loop5): invalid crc_offset: 0 [ 822.705469][T19797] F2FS-fs (loop5): Failed to read root inode 01:28:27 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x5e, 0x0}) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x12) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 01:28:27 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 01:28:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x10000}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, &(0x7f0000000100), 0x8080ffffff7e) 01:28:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:27 executing program 5: syz_mount_image$f2fs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:28 executing program 5: syz_mount_image$f2fs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 823.969059][ T27] audit: type=1804 audit(1600651708.067:125): pid=19825 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/426/bus" dev="sda1" ino=15998 res=1 errno=0 01:28:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:28 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0xf8, 0x0}) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x12) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 01:28:28 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 01:28:28 executing program 5: syz_mount_image$f2fs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 824.639521][T19858] ptrace attach of "/root/syz-executor.3"[19857] was attempted by "/root/syz-executor.3"[19858] 01:28:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$key(0xf, 0x3, 0x2) pipe(&(0x7f0000000200)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r2 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r2, 0x4, 0x46000) lseek(r2, 0x4200, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000000), 0x10000}]) r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x8400fffffffb) sendfile(r1, r1, &(0x7f0000000100), 0x8080ffffff7e) 01:28:29 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x0, 0x0, @ipv4={[], [], @empty}}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4), 0x1c) 01:28:29 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 01:28:29 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 825.340075][ T27] audit: type=1804 audit(1600651709.437:126): pid=19887 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/427/bus" dev="sda1" ino=15991 res=1 errno=0 01:28:29 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', 0x0, 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:30 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:30 executing program 3: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:30 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r2 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r2, 0x4, 0x46000) lseek(r2, 0x4200, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000000), 0x10000}]) r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x8400fffffffb) sendfile(r1, r1, &(0x7f0000000100), 0x8080ffffff7e) 01:28:30 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', 0x0, 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 826.556123][T19928] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 826.564275][T19928] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 826.699773][T19928] F2FS-fs (loop3): invalid crc_offset: 0 01:28:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:31 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 827.086971][ T27] audit: type=1804 audit(1600651711.187:127): pid=19948 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/428/bus" dev="sda1" ino=15993 res=1 errno=0 [ 827.224615][T19928] F2FS-fs (loop3): Failed to read root inode 01:28:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:31 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', 0x0, 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:31 executing program 3: 01:28:32 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() pipe(&(0x7f0000000200)) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:32 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000014b00)) 01:28:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 01:28:32 executing program 3: [ 828.554131][ T27] audit: type=1804 audit(1600651712.657:128): pid=19998 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/429/bus" dev="sda1" ino=16013 res=1 errno=0 01:28:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:32 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:32 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000014b00)) 01:28:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 01:28:33 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000014b00)) 01:28:33 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() pipe(&(0x7f0000000200)) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:33 executing program 3: 01:28:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:34 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 830.185682][ T27] audit: type=1804 audit(1600651714.287:129): pid=20032 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/430/bus" dev="sda1" ino=16180 res=1 errno=0 01:28:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 01:28:34 executing program 3: 01:28:34 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}], 0x0, &(0x7f0000014b00)) 01:28:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:35 executing program 3: [ 831.163243][T20055] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 831.171749][T20055] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:35 executing program 3: 01:28:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() pipe(&(0x7f0000000200)) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:35 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 831.334765][T20055] F2FS-fs (loop5): invalid crc_offset: 0 01:28:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) [ 831.412504][T20055] F2FS-fs (loop5): invalid crc value [ 831.418038][T20055] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:35 executing program 3: 01:28:35 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}], 0x0, &(0x7f0000014b00)) 01:28:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 831.917690][ T27] audit: type=1804 audit(1600651716.017:130): pid=20074 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/431/bus" dev="sda1" ino=16180 res=1 errno=0 01:28:36 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 01:28:36 executing program 3: [ 832.528244][T20090] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 832.536431][T20090] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) [ 832.755983][T20090] F2FS-fs (loop5): invalid crc_offset: 0 [ 832.789773][T20090] F2FS-fs (loop5): invalid crc value [ 832.795854][T20090] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:36 executing program 3: 01:28:37 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:37 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) pipe(&(0x7f0000000200)) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:37 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}], 0x0, &(0x7f0000014b00)) 01:28:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 833.394827][T20113] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 833.402905][T20113] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 833.415791][T20113] F2FS-fs (loop5): invalid crc_offset: 0 [ 833.425618][T20113] F2FS-fs (loop5): invalid crc value [ 833.431396][T20113] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:37 executing program 3: 01:28:37 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) [ 833.709089][ T27] audit: type=1804 audit(1600651717.807:131): pid=20129 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/432/bus" dev="sda1" ino=16228 res=1 errno=0 01:28:37 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:37 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {0x0, 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:38 executing program 3: [ 834.451165][T20140] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 834.459163][T20140] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:38 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 01:28:38 executing program 0: pipe(&(0x7f0000000200)) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 834.555976][T20140] F2FS-fs (loop5): invalid crc_offset: 0 01:28:38 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 834.638144][T20140] F2FS-fs (loop5): invalid crc value [ 834.643890][T20140] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:38 executing program 3: 01:28:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:39 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {0x0, 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:39 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) [ 835.140456][ T27] audit: type=1804 audit(1600651719.237:132): pid=20158 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/433/bus" dev="sda1" ino=16053 res=1 errno=0 01:28:39 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:39 executing program 3: [ 835.592385][T20172] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 835.600211][T20172] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 835.680912][T11929] Bluetooth: hci5: command 0x0406 tx timeout 01:28:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:39 executing program 3: [ 835.863430][T20172] F2FS-fs (loop5): invalid crc_offset: 0 [ 835.892907][T20172] F2FS-fs (loop5): invalid crc value [ 835.898332][T20172] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:40 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r3, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:40 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:40 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {0x0, 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:40 executing program 3: 01:28:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:40 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r3, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 836.665410][T20197] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 836.673494][T20197] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 836.689650][T20197] F2FS-fs (loop5): invalid crc_offset: 0 [ 836.702095][T20197] F2FS-fs (loop5): invalid crc value [ 836.707509][T20197] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 836.729025][ T27] audit: type=1804 audit(1600651720.827:133): pid=20198 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/434/bus" dev="sda1" ino=16046 res=1 errno=0 01:28:40 executing program 3: 01:28:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:41 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00), 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:41 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r3, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:41 executing program 3: 01:28:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:41 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 837.702505][T20218] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 837.710493][T20218] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 837.722206][T20218] F2FS-fs (loop5): invalid crc_offset: 0 [ 837.730058][T20218] F2FS-fs (loop5): invalid crc value [ 837.735846][T20218] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:42 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00), 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:42 executing program 1: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:42 executing program 3: [ 838.279726][ T27] audit: type=1804 audit(1600651722.378:134): pid=20229 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/435/bus" dev="sda1" ino=16372 res=1 errno=0 [ 838.428055][T20241] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 838.436171][T20241] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 838.452208][T20241] F2FS-fs (loop5): invalid crc_offset: 0 [ 838.460418][T20241] F2FS-fs (loop5): invalid crc value [ 838.466194][T20241] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = dup3(0xffffffffffffffff, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:42 executing program 1: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:42 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00), 0x0, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:42 executing program 3: 01:28:43 executing program 0: pipe(0x0) r0 = open(0x0, 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:43 executing program 1: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 839.830786][ T27] audit: type=1804 audit(1600651723.928:135): pid=20268 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/436/bus" dev="sda1" ino=16367 res=1 errno=0 [ 839.947259][T20269] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 839.955884][T20269] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:44 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:44 executing program 3: [ 840.116122][T20269] F2FS-fs (loop5): invalid crc_offset: 0 [ 840.173488][T20269] F2FS-fs (loop5): invalid crc value [ 840.178984][T20269] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:44 executing program 0: pipe(0x0) r0 = open(0x0, 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:44 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/16, 0x10, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:44 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:44 executing program 3: [ 840.876609][ T27] audit: type=1804 audit(1600651724.978:136): pid=20298 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/437/bus" dev="sda1" ino=15961 res=1 errno=0 [ 840.957355][T20297] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 840.965460][T20297] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 841.009639][T20297] F2FS-fs (loop5): invalid crc_offset: 0 [ 841.034423][T20297] F2FS-fs (loop5): invalid crc value [ 841.039911][T20297] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:45 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:45 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/16, 0x10, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:45 executing program 0: pipe(0x0) r0 = open(0x0, 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:45 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:45 executing program 3: [ 841.694868][T20314] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 841.702928][T20314] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 841.717566][T20314] F2FS-fs (loop5): invalid crc_offset: 0 [ 841.726696][T20314] F2FS-fs (loop5): invalid crc value [ 841.732566][T20314] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:46 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/16, 0x10, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:46 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 842.092365][ T27] audit: type=1804 audit(1600651726.198:137): pid=20330 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/438/bus" dev="sda1" ino=16089 res=1 errno=0 01:28:46 executing program 3: [ 842.447341][T20335] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 842.455498][T20335] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 842.473812][T20335] F2FS-fs (loop5): invalid crc_offset: 0 [ 842.485459][T20335] F2FS-fs (loop5): invalid crc value 01:28:46 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 842.491109][T20335] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:46 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:46 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/24, 0x18, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:46 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:46 executing program 3: 01:28:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 843.102024][ T27] audit: type=1804 audit(1600651727.198:138): pid=20352 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/439/bus" dev="sda1" ino=15961 res=1 errno=0 [ 843.153731][T20355] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 843.161815][T20355] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 843.184318][T20355] F2FS-fs (loop5): invalid crc_offset: 0 [ 843.198731][T20355] F2FS-fs (loop5): invalid crc value [ 843.204465][T20355] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:47 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:47 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = dup3(r1, r0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:47 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c63, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_mtu(r1, 0x0, 0xa, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @local={0xac, 0x14, 0xf}}, {0x2, 0x4e23, @empty}, {0x2, 0x4e22, @local}, 0x84, 0x0, 0x0, 0x0, 0x181, &(0x7f00000004c0)='veth1_to_team\x00', 0x800, 0x96030003, 0x7f}) sendto$inet(r1, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x4) perf_event_open(&(0x7f0000000340)={0x5, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x1, 0x89, 0x8e, 0x3, 0x0, 0x1ff, 0x92210, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, @perf_config_ext={0x3ff, 0x7ff}, 0x1812, 0x7, 0x800, 0x5, 0x7ff, 0x4, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000100001929ac17dbf0dd5720000000000", @ANYRES32=0x0, @ANYBLOB="0052000000e90000e87650e4300016802ce6008028026ed6d88c7e246821010000000000ffffffdf000100050000000000000000000000009a8e6c0b5e6e337d568d3d76585ca9203b11660e5f59a2263fbf4e62add0cec92a8f7e34ca489f60140190d9bdfe2957e343b31578486a50e96f828cc6"], 0x50}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000400)={'ip6_vti0\x00', 0x0, 0x4, 0xe0, 0x80, 0x7, 0x10, @loopback, @empty, 0x80, 0x40, 0x20, 0x6}}) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc, &(0x7f00000003c0)=[{&(0x7f00000005c0)={0x348, 0x38, 0x0, 0x70bd2c, 0x25dfdbfe, "", [@nested={0x241, 0x6a, 0x0, 0x1, [@generic="53c89f16d962606bd97b952c87252c9e8dcfead6e817f17c6d5f4e6f36ea56b6cd68126e4287cb090fe7c5b43c8617f9dc9954ab05c2c6b13412c5c1aaab9095afeaa357e339d5a6e297157a2b3ab4eb128bb091eba44eb42c38350c028c3a6044d0788e6d608881b121b501f02fcd797f5c6af65bee66b203120a2605ee4d2bb4f7c50662ac2dfb2ef4a0e55c3f678a2421e8c56b7ad83d13ed963c983c5ace7d12a35a7b1ef5d864110d74227bbe92cbf83c75d7bfde1028c91cd33822833248f467e546b0717bd1d88e018063d3ba91301a0c73176fbd7c524319e1ed0e81ada9402a67ef370a071368b456dcfdb8bc8405e8db08c1a6", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@mcast2}, @generic="dec48310c0830325c27de8aec23003d09c24130567c8b417a385e00716e999bd57c0e64f6e1b5afad8f31f9994f892a85134dd6647ae64557d4fa6ca5f1d0fb8d6236d844aca6405661476dc8860ec18a67f1aa97c7521e5a0582ab61146ba5b29b8ba99f40eb4646988e41423c21f5bcee77ff0df4971b001a0d612eabf302950ffdce5133b70d49747e9629a0d3f87d092573b70164382c4435af46c713902a8fc9e489ee14d49c29b4187029b3372400a182ebc39de3fc183", @typed={0x8, 0x94, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="e055b0f188cf223b5ff6973124a46852", @typed={0xc, 0x50, 0x0, 0x0, @u64=0x6}, @generic="e7542023e2fc23ac5e6491f3003599abf5bc44ce499f3d165a99fdd9d59d1db83e0c99cdd3ad5fe791252e9ea8104138e4713f491073834b281429d353077a5d6df132e0f54425c68521cb603e488ad82eb994"]}, @typed={0x8, 0x92, 0x0, 0x0, @u32=0x99}, @generic="cbc6943baca1cea814aeb48a2e13ce02c228ba7828f0834ac582cc7cf6279beecb2e43949bbc76f7424d49554cdbd5b071643b15c08691a4d120bf3a9fcc9c70b4221ee50d82752401560d74d54699ba26653ade09a1d5d94192193b2aafe78b1ce493f60c085e8ab35d9c2b79822f40ff3e5be360b233a870c4b31f7e407a580a3ed4f6964ec836ad6081de5d9c9f7ca6655ba4af0085248f806c1ea776e819c803b5615c769be274c71be8d33c51d1105d62c7c8f567517be8317d3fdfad4b506ff6473f8dfca08e3e90029d99450d658c937bfd522c5792202d8b527b190a5d0e8dc621480fddad"]}, 0x348}, {&(0x7f0000000940)={0xc8, 0x9, 0x200, 0x70bd2d, 0x25dfdbff, "", [@generic="b4ed8043ba67eaa741146a83c0b734949245fc67c01ae8a1c7960cdd449d75eb158a1f2e971d6221fae36bda4dc09df020acf9e4694787a9990a51f5aa37353617272c89885aa2398f89f89709a2ae372be68d53164f1ef577fdaf8a3dab1afe4f4d7106e7ebcb13e6eb51cf3ab4fe733d644260694f3d37c874eea37d070c9d81184dbadfdad12c3207640cb871a4dcd3c90dd87f4f62f9ed4ee2d36d521cada5aa111b8c090dcd8f18b07922354b422aac888c1ae9"]}, 0xc8}], 0x2, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x80, 0x84}, 0x40800) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpid() r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00') preadv(r4, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, 0x20, 0x4) migrate_pages(r3, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) write$cgroup_type(r2, &(0x7f0000000080)='threaded\x00', 0xd10a) 01:28:47 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:47 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/24, 0x18, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:48 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 844.262572][T20378] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 844.271098][T20378] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 844.294891][ T27] audit: type=1804 audit(1600651728.398:139): pid=20379 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/440/bus" dev="sda1" ino=15724 res=1 errno=0 01:28:48 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000a80)='net/protocols\x00') preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, 0x20, 0x0) [ 844.403992][T20378] F2FS-fs (loop5): invalid crc_offset: 0 [ 844.414379][T20378] F2FS-fs (loop5): invalid crc value [ 844.420495][T20378] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:48 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:48 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/24, 0x18, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:49 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:49 executing program 3: dup2(0xffffffffffffffff, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x13, 0x10, 0x3}, 0x40) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r2, @ANYBLOB="00000000000000009500000000000000613756ca1fdec1cb8e17cda153ad0726c89cdaceec68f0d9a3b3ecf09b358159c3273494be17dbfe5c89a7a3da82c7c281f50a0f60206d0e9a4f04ecdf23fe38034b25b3378ebfba332eb9a44406e023c2f9467e079d39e91b0401818513f81839e262c27ed72705f0207d917e7b1314227b002049aa5da6965c5d8bcb7139c535ab17363c1947301ac0f2418894458e2ef584d4e3887d81651ef59a648ddda847af23e32b9e82cc177d5da467ab5d51b53854398729005f549670aa5eb3cf8ebfe1c146f28f7e09e83f5353520cd1f8e3cf30a5d59be6124b05dcc7b4b423fdb038434ed37d405f9073909b16ac971e80ba4e2943a8648966b3076bf7f6c3bb34"], &(0x7f0000000440)='syzkaller\x00', 0x5, 0x270, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x212, 0x10, &(0x7f0000000000), 0xfffffffffffffea8}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r3, 0x123, 0xe, 0x0, &(0x7f0000000000)="7c16eb8c75c193cc4d00ed1259e7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 845.252047][ T27] audit: type=1804 audit(1600651729.358:140): pid=20402 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/441/bus" dev="sda1" ino=16108 res=1 errno=0 [ 845.386732][T20406] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 845.395282][T20406] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 845.547038][T20406] F2FS-fs (loop5): invalid crc_offset: 0 [ 845.576941][T20406] F2FS-fs (loop5): invalid crc value [ 845.582837][T20406] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:49 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:50 executing program 3: epoll_create1(0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0xc63b9e35) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x7ffff00e) 01:28:50 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/28, 0x1c, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:50 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 846.346221][ T27] audit: type=1804 audit(1600651730.408:141): pid=20437 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/442/bus" dev="sda1" ino=16380 res=1 errno=0 [ 846.458315][T20441] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 846.466742][T20441] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 846.968460][T20441] F2FS-fs (loop5): invalid crc_offset: 0 [ 847.018807][T20441] F2FS-fs (loop5): invalid crc value [ 847.024686][T20441] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:51 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:51 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x401012f7, 0x0) 01:28:51 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:51 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/28, 0x1c, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 847.813261][ T27] audit: type=1804 audit(1600651731.918:142): pid=20472 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/443/bus" dev="sda1" ino=16371 res=1 errno=0 [ 847.894494][T20473] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 847.902872][T20473] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:52 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4) r4 = getpgid(0x0) pipe(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r5, r5, 0x0, 0x8080fffffffe) [ 848.043813][T20473] F2FS-fs (loop5): invalid crc_offset: 0 [ 848.068924][T20473] F2FS-fs (loop5): invalid crc value [ 848.074501][T20473] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:52 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:52 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:52 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)='\x00'/28, 0x1c, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 848.800073][ T27] audit: type=1804 audit(1600651732.898:143): pid=20502 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/444/bus" dev="sda1" ino=16121 res=1 errno=0 01:28:53 executing program 3: open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4) r2 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000001c0), 0xfffffef3) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r3, r3, 0x0, 0x8080fffffffe) [ 849.150509][T20506] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 849.158905][T20506] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 849.251483][T20506] F2FS-fs (loop5): invalid crc_offset: 0 01:28:53 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:53 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 849.294832][T20506] F2FS-fs (loop5): invalid crc value [ 849.300860][T20506] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:53 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910", 0x1e, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 849.950870][ T27] audit: type=1804 audit(1600651734.048:144): pid=20533 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/445/bus" dev="sda1" ino=16133 res=1 errno=0 01:28:54 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:54 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FIDEDUPERANGE(r2, 0x401c5820, &(0x7f00000003c0)=ANY=[@ANYBLOB='P']) [ 850.183232][T20539] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 850.191525][T20539] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:54 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 850.370907][T20539] F2FS-fs (loop5): invalid crc_offset: 0 [ 850.396233][T20539] F2FS-fs (loop5): invalid crc value [ 850.402202][T20539] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:54 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 01:28:54 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910", 0x1e, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 850.784978][ T27] audit: type=1804 audit(1600651734.888:145): pid=20559 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/446/bus" dev="sda1" ino=16127 res=1 errno=0 01:28:55 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x1000f4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r1, &(0x7f00000001c0), 0xfffffef3) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r4, r4, 0x0, 0x8080fffffffe) 01:28:55 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 851.282678][T20577] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 851.291084][T20577] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 851.343710][T20577] F2FS-fs (loop5): invalid crc_offset: 0 [ 851.353277][T20577] F2FS-fs (loop5): invalid crc value [ 851.358781][T20577] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:55 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910", 0x1e, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:55 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:55 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x4) r5 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r6, r6, 0x0, 0x8080fffffffe) 01:28:56 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 852.127392][T20602] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 852.135847][T20602] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 852.212054][ T27] audit: type=1804 audit(1600651736.318:146): pid=20607 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/447/bus" dev="sda1" ino=16140 res=1 errno=0 01:28:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 852.346753][T20602] F2FS-fs (loop5): invalid crc_offset: 0 [ 852.441726][T20602] F2FS-fs (loop5): invalid crc value [ 852.447656][T20602] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:57 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db", 0x1f, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:57 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:57 executing program 3: r0 = getpid() setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:28:57 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(0x0, 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:28:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) [ 853.503798][T20637] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 853.512618][T20637] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 853.562099][T20637] F2FS-fs (loop5): invalid crc_offset: 0 [ 853.628808][T20637] F2FS-fs (loop5): invalid crc value [ 853.635105][T20637] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:57 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 853.761365][ T27] audit: type=1804 audit(1600651737.859:147): pid=20650 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/448/bus" dev="sda1" ino=16081 res=1 errno=0 01:28:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 01:28:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:58 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db", 0x1f, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:28:58 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x0, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:28:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) [ 854.795767][T20682] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 854.808015][T20682] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:28:59 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(0x0, 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 855.116288][T20682] F2FS-fs (loop5): invalid crc_offset: 0 [ 855.169229][T20682] F2FS-fs (loop5): invalid crc value [ 855.174836][T20682] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:28:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:28:59 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x0, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 855.641189][ T27] audit: type=1804 audit(1600651739.749:148): pid=20700 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/449/bus" dev="sda1" ino=15923 res=1 errno=0 [ 856.108532][T20638] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:01 executing program 3: r0 = getpid() setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:29:01 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db", 0x1f, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 01:29:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:01 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x0, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:01 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(0x0, 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 857.188427][T20733] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 857.196637][T20733] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 857.223341][ T27] audit: type=1804 audit(1600651741.329:149): pid=20730 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/450/bus" dev="sda1" ino=16166 res=1 errno=0 [ 857.432818][T20733] F2FS-fs (loop5): invalid crc_offset: 0 01:29:01 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 857.476645][T20733] F2FS-fs (loop5): invalid crc value [ 857.482318][T20733] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:01 executing program 4: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) r4 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe) 01:29:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(0xffffffffffffffff, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:02 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20}], 0x0, &(0x7f0000014b00)) 01:29:02 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:02 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$netlink(r2, 0x10e, 0x0, 0x0, 0x0) [ 858.461417][T20775] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 858.469471][T20775] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 858.516084][T20775] F2FS-fs (loop5): invalid crc_offset: 0 [ 858.579976][T20775] F2FS-fs (loop5): invalid crc value [ 858.585541][T20775] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 858.630805][ T27] audit: type=1804 audit(1600651742.729:150): pid=20780 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/451/bus" dev="sda1" ino=16171 res=1 errno=0 01:29:03 executing program 3: r0 = getpid() setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:29:03 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:03 executing program 4: symlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='./file0\x00') 01:29:03 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20}], 0x0, &(0x7f0000014b00)) [ 859.554107][T20794] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 859.563209][T20794] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:03 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:03 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 859.748534][T20794] F2FS-fs (loop5): invalid crc_offset: 0 [ 859.783943][T20794] F2FS-fs (loop5): invalid crc value [ 859.789809][T20794] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:03 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)={[{@nr_inodes={'nr_inodes', 0x3d, [0x21]}}]}) 01:29:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 860.090165][ T27] audit: type=1804 audit(1600651744.189:151): pid=20811 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/452/bus" dev="sda1" ino=16154 res=1 errno=0 01:29:04 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20}], 0x0, &(0x7f0000014b00)) 01:29:04 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 860.425496][T20814] tmpfs: Bad value for 'nr_inodes' [ 860.502971][T20814] tmpfs: Bad value for 'nr_inodes' 01:29:04 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 861.022510][T20831] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 861.030650][T20831] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 861.079243][T20831] F2FS-fs (loop5): invalid crc_offset: 0 [ 861.087239][T20831] F2FS-fs (loop5): invalid crc value [ 861.093264][T20831] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 861.236150][T20809] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:05 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/72, 0x48, 0x61, &(0x7f00000001c0)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x80) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.nlink\x00', 0x0, 0x0, 0x3) r1 = open(&(0x7f0000001380)='./file0\x00', 0x1ada42, 0x6) r2 = memfd_create(&(0x7f0000000040)='/n\xcb2\x88\x1d\xf9\xff\xe7\xdc[\x17\x8b\xb2\xf7W\xf0\x06\x00\x00@\xc8k\xc0\xa5veli', 0x0) ftruncate(r2, 0x40003) sendfile(r1, r2, 0x0, 0x2008000fffffffe) 01:29:05 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x28) 01:29:05 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:05 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:05 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 861.744984][T20847] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 861.753331][T20847] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 861.764092][ T27] audit: type=1800 audit(1600651745.849:152): pid=20845 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16289 res=0 errno=0 [ 861.789684][T20847] F2FS-fs (loop5): invalid crc_offset: 0 [ 861.797246][T20847] F2FS-fs (loop5): invalid crc_offset: 0 [ 861.803231][T20847] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 861.813690][ T27] audit: type=1804 audit(1600651745.909:153): pid=20851 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/453/bus" dev="sda1" ino=16258 res=1 errno=0 [ 861.840061][ T27] audit: type=1800 audit(1600651745.919:154): pid=20852 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16305 res=0 errno=0 01:29:06 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x4) r5 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r6, r6, 0x0, 0x8080fffffffe) 01:29:06 executing program 4: chdir(0x0) symlink(&(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='./file0\x00') 01:29:06 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, 0x0, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:06 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 862.685398][T20874] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 862.693549][T20874] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:06 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000200)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) [ 862.767308][T20874] F2FS-fs (loop5): invalid crc_offset: 0 [ 862.778377][T20874] F2FS-fs (loop5): invalid crc_offset: 0 [ 862.784718][T20874] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:07 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x0) r5 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0), 0xfffffef3) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r6, r6, 0x0, 0x8080fffffffe) 01:29:07 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, 0x0, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:07 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 863.485183][ T27] audit: type=1804 audit(1600651747.589:155): pid=20893 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/454/bus" dev="sda1" ino=16201 res=1 errno=0 01:29:07 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, 0x0, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:07 executing program 4: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x4208, r0, 0x0, 0x0) [ 863.776881][T20904] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 863.785691][T20904] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 863.961710][T20904] F2FS-fs (loop5): invalid crc_offset: 0 [ 864.030820][T20904] F2FS-fs (loop5): invalid crc_offset: 0 [ 864.036983][T20904] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:08 executing program 3: semctl$SETALL(0x0, 0x0, 0x11, 0x0) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, 0x0) perf_event_open(&(0x7f0000000440)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x1274, 0x0) 01:29:08 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:08 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:08 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:09 executing program 3: getpid() write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() 01:29:09 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x400000, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 865.052392][T20930] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 865.060657][T20930] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 865.184040][ T27] audit: type=1804 audit(1600651749.279:156): pid=20933 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/455/bus" dev="sda1" ino=16355 res=1 errno=0 [ 865.224923][T20930] F2FS-fs (loop5): invalid crc_offset: 0 [ 865.307349][T20930] F2FS-fs (loop5): invalid crc_offset: 0 [ 865.313528][T20930] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 865.415338][T20951] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 01:29:09 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:10 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:10 executing program 3: getpid() write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() 01:29:10 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:10 executing program 4: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = memfd_create(&(0x7f0000000180)='\xb3', 0x0) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) r4 = dup(r3) write$FUSE_DIRENT(r2, &(0x7f0000000040)=ANY=[], 0x29) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0) ioctl$RNDADDENTROPY(r4, 0x40085203, &(0x7f00000002c0)=ANY=[]) 01:29:10 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 866.552916][T20969] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 866.561238][T20969] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 866.739867][T20969] F2FS-fs (loop5): invalid crc_offset: 0 [ 866.771270][T20969] F2FS-fs (loop5): invalid crc_offset: 0 [ 866.777263][T20969] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 866.929678][ T27] audit: type=1804 audit(1600651751.019:157): pid=20982 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/456/bus" dev="sda1" ino=15844 res=1 errno=0 01:29:11 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syslog(0x3, &(0x7f0000000100)=""/224, 0xe0) 01:29:11 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:11 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:11 executing program 3: getpid() write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() 01:29:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:12 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:12 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x0) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:12 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x1000f4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4) r3 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r1, &(0x7f00000001c0), 0xfffffef3) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r4, r4, 0x0, 0x8080fffffffe) [ 868.312517][T21010] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 868.320694][T21010] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 868.333074][T21010] F2FS-fs (loop5): invalid crc_offset: 0 [ 868.341805][T21010] F2FS-fs (loop5): invalid crc_offset: 0 [ 868.347616][T21010] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:12 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$netlink(r2, 0x10e, 0x9, 0x0, &(0x7f0000000040)) 01:29:12 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:12 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 868.606735][ T27] audit: type=1804 audit(1600651752.700:158): pid=21018 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/457/bus" dev="sda1" ino=15763 res=1 errno=0 [ 869.274107][T21035] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 869.282299][T21035] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() [ 869.396351][T21035] F2FS-fs (loop5): invalid crc_offset: 0 01:29:13 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 869.481678][T21035] F2FS-fs (loop5): invalid crc_offset: 0 [ 869.487489][T21035] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') sched_setattr(0xffffffffffffffff, 0x0, 0x0) setns(r0, 0x0) sched_setattr(0x0, &(0x7f0000000540)={0x38, 0x5, 0x48, 0x3, 0x7fffffff, 0x59b0, 0x2, 0x4, 0x3}, 0x0) ftruncate(0xffffffffffffffff, 0x3) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@gid={'gid'}}]}) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={0x0}}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) socket$netlink(0x10, 0x3, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f0000001040)=ANY=[@ANYRESHEX, @ANYRES16, @ANYBLOB], 0x160}, 0x1, 0x0, 0x0, 0x24000094}, 0x2404c081) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x88, 0x0, 0x400, 0x70bd26, 0x0, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xdd1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc510}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x43, 0x3, "047558220f3ebbd2de093e083a9056ef7987a6ae946e3602cd3f7bf86f5bb2ecf7087c0ca71437333b434d58e101f4c273c5d4291eb592542d3b06a714b99d"}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x8000) 01:29:13 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x0) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:13 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:14 executing program 3: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x15, r0, 0x0, &(0x7f0000000200)) 01:29:14 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 870.370379][ T27] audit: type=1804 audit(1600651754.470:159): pid=21064 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/458/bus" dev="sda1" ino=15877 res=1 errno=0 [ 870.377405][T21065] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 870.404091][T21065] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 870.418049][T21065] F2FS-fs (loop5): invalid crc_offset: 0 [ 870.427088][T21065] F2FS-fs (loop5): invalid crc_offset: 0 [ 870.433177][T21065] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:14 executing program 4: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) ioprio_set$uid(0x3, r1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 01:29:14 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 871.060917][T21086] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 871.069057][T21086] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 871.080690][T21086] F2FS-fs (loop5): invalid crc_offset: 0 [ 871.088215][T21086] F2FS-fs (loop5): invalid crc_offset: 0 [ 871.094144][T21086] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:15 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:15 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:15 executing program 4: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) ioprio_set$uid(0x3, r1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 01:29:15 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x0) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:16 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 872.065638][T21110] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 872.073995][T21110] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 872.084874][ T27] audit: type=1804 audit(1600651756.160:160): pid=21111 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/459/bus" dev="sda1" ino=16027 res=1 errno=0 01:29:16 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') sched_setattr(0xffffffffffffffff, &(0x7f0000000580)={0x38, 0x1, 0x5, 0x10001, 0xffff, 0x8, 0x5092764e, 0x4, 0x4}, 0x0) r1 = getpid() migrate_pages(r1, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) process_vm_readv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/108, 0x6c}], 0x1, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000200)=""/161, 0xa1}], 0x2, 0x0) setns(r0, 0x0) r2 = memfd_create(0x0, 0x0) sched_setattr(r1, &(0x7f0000000540)={0x38, 0x5, 0x48, 0x3, 0x7fffffff, 0x59b0, 0x2, 0x4, 0x3}, 0x0) ftruncate(r2, 0x3) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b9010000000001b9000000000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8000}, {&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000b9010000000001b9252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c1101000000000000000001130000000022001701", 0xa0, 0x8800}, {&(0x7f0000014600)="2200170100000000011700080000000008007809140b2a3a0802", 0x1a, 0x8b800}], 0x0, &(0x7f0000000040)={[{@gid={'gid'}}, {@overriderock='overriderockperm'}]}) write$nbd(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="678070cab45f00c1890e0544914466980100000000000300f8ffffffd9d8d33d58092e4b13e09c025aa3371973a0e58f1fee6cbe26ddea3816c5526d52b3d3f7c4bb822d98835a48785e3fa51620390830209e6f955e"], 0x56) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x158, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1ff0000}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xa12}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7ff}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x20}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1071}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfffffbff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x619b4cf2}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x480}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xee}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb14140f}]}, 0x158}}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f0000001040)=ANY=[@ANYRESHEX, @ANYRES16=r4, @ANYBLOB="000126bd7000fddbdf25030000000c000680080001000800000044000380080002000000000008d53483b40000000800030000708b0608000200060000000800020000000000080003002000000008000200ad83000008000200020000007000058000d70280ff0003000000000008000400ff030000080001006574680014000280080002000100000008000200000000803c0002800800020039610000080002000000000c080001001700000008000300070000000800030009000000080003000200000008000100000000000c00038008000200060000002c00078008000100400000000c00020000000000000000000c00030007000000000000000800020020000000240004800900010073797a31000000001300010062726f6164636173742d6c696e6b00002c000980080001e30000000008000100000000000800010000fe030008000100000001000800020004000000040009803663decbc5793bbf9efe96d6d37666336ddc8c4ee123c3b0b546607b130fa47ce4ec0982604329ac2edfe394048959d08c23f51724171edeaf5606eb60aeae8412e87c9bcfd2e51026ad07bb4f2d4da5c1e70e62a82cc1235c102d749c9ead447cafe418f64ecb2633c888266ee26609d2548b202b85c463f582dc851987c7429a9c4f032bd7935aff617a2d96e8bed2655a310f638ed747de036af12d97cea07e2528c14d5f382068f5e3eb59e936f5a1af661ccb4817fca97de56c958a89be3a0549f2d55331f06d06ce81d718c80a57b01008560d274e31333b0883d6c5cc7d45bdf19dae0658521dec73267c31d9eb1dc70d0bf56a5a1e61c764f5489dca360b2eb35362741f9e"], 0x160}, 0x1, 0x0, 0x0, 0x24000094}, 0x2404c081) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="89a8f7eedf561332db673be836a903f26123a34e5d250b8c5a57b8f62089c21b1fe9e827703309564368bc582cbf1cf2d384c21b706322f6d5dfbfc5c0a640ceb70f97c3562ed4ef8250a4b485cdcf90493dc30a1401d3", @ANYRES16=r4, @ANYBLOB], 0x3}, 0x1, 0x0, 0x0, 0x20000010}, 0x810) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xd0, r4, 0x400, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xdd1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc510}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NODE={0x90, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x87, 0x3, "047558220f3ebbd2de093e083a9056ef7987a6ae946e3602cd3f7bf86f5bb2ecf7087c0ca71437333b434d58e101f4c273c5d4291eb592542d3b06a714b99d3b43cb36cdf9ed189d8ed96bfd5c8fd574e0e6bec9860ba20e45a0e16d5ed45f1fc19bb7b748eacd23afbf1aa7584ff389c5f8d7848b6f3ffeb0617817551faa40257eb9"}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) 01:29:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 872.249740][T21110] F2FS-fs (loop5): invalid crc_offset: 0 [ 872.260168][T21110] F2FS-fs (loop5): invalid crc_offset: 0 [ 872.266079][T21110] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:17 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000)="9a365972", 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x298, 0x0, 0x0, [{{0x2, 0x0, 0x100, 0x4, 0x1000, 0x1, {0x2, 0x100000001, 0x8, 0x8, 0x7, 0x1, 0xae0e, 0x7, 0x80000000, 0xc000, 0x0, 0x0, 0xee00, 0x82, 0x80}}, {0x0, 0x7fff, 0x9, 0x420, '/dev/kvm\x00'}}, {{0x3, 0x1, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x36f, 0x1f, 0x0, 0x5, 0x6, 0xffffffff, 0x6000, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x1000, 0x9, 0x4, '/dev/kvm\x00'}}, {{0x6, 0x0, 0x101, 0x6, 0x7, 0x3, {0x3, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x100, 0x6, 0xffffff80, 0x6000, 0x2, 0x0, 0x0, 0x80000000, 0x8}}, {0x2, 0x3, 0x2, 0x9, '!+'}}, {{0x1, 0x2, 0x80000001, 0x7ff, 0xffffffff, 0x81, {0x5, 0x80000001, 0x40, 0xdb0, 0x9, 0x1, 0x5, 0xab2b, 0x8, 0x6000, 0x2, 0x0, 0x0, 0x2, 0x7f}}, {0x0, 0x1, 0x0, 0x8}}]}, 0x298) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x0, 0x4}}, 0x14) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:17 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:17 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:17 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') sched_setattr(0xffffffffffffffff, &(0x7f0000000580)={0x38, 0x1, 0x5, 0x10001, 0xffff, 0x8, 0x5092764e, 0x4, 0x4}, 0x0) r1 = getpid() migrate_pages(r1, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) process_vm_readv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/108, 0x6c}], 0x1, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000200)=""/161, 0xa1}], 0x2, 0x0) setns(r0, 0x0) r2 = memfd_create(0x0, 0x0) sched_setattr(r1, &(0x7f0000000540)={0x38, 0x5, 0x48, 0x3, 0x7fffffff, 0x59b0, 0x2, 0x4, 0x3}, 0x0) ftruncate(r2, 0x3) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b9010000000001b9000000000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8000}, {&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000b9010000000001b9252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c1101000000000000000001130000000022001701", 0xa0, 0x8800}, {&(0x7f0000014600)="2200170100000000011700080000000008007809140b2a3a0802", 0x1a, 0x8b800}], 0x0, &(0x7f0000000040)={[{@gid={'gid'}}, {@overriderock='overriderockperm'}]}) write$nbd(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="678070cab45f00c1890e0544914466980100000000000300f8ffffffd9d8d33d58092e4b13e09c025aa3371973a0e58f1fee6cbe26ddea3816c5526d52b3d3f7c4bb822d98835a48785e3fa51620390830209e6f955e"], 0x56) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x158, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1ff0000}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xa12}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7ff}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x20}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1071}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfffffbff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x619b4cf2}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x480}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xee}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb14140f}]}, 0x158}}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f0000001040)=ANY=[@ANYRESHEX, @ANYRES16=r4, @ANYBLOB="000126bd7000fddbdf25030000000c000680080001000800000044000380080002000000000008d53483b40000000800030000708b0608000200060000000800020000000000080003002000000008000200ad83000008000200020000007000058000d70280ff0003000000000008000400ff030000080001006574680014000280080002000100000008000200000000803c0002800800020039610000080002000000000c080001001700000008000300070000000800030009000000080003000200000008000100000000000c00038008000200060000002c00078008000100400000000c00020000000000000000000c00030007000000000000000800020020000000240004800900010073797a31000000001300010062726f6164636173742d6c696e6b00002c000980080001e30000000008000100000000000800010000fe030008000100000001000800020004000000040009803663decbc5793bbf9efe96d6d37666336ddc8c4ee123c3b0b546607b130fa47ce4ec0982604329ac2edfe394048959d08c23f51724171edeaf5606eb60aeae8412e87c9bcfd2e51026ad07bb4f2d4da5c1e70e62a82cc1235c102d749c9ead447cafe418f64ecb2633c888266ee26609d2548b202b85c463f582dc851987c7429a9c4f032bd7935aff617a2d96e8bed2655a310f638ed747de036af12d97cea07e2528c14d5f382068f5e3eb59e936f5a1af661ccb4817fca97de56c958a89be3a0549f2d55331f06d06ce81d718c80a57b01008560d274e31333b0883d6c5cc7d45bdf19dae0658521dec73267c31d9eb1dc70d0bf56a5a1e61c764f5489dca360b2eb35362741f9e"], 0x160}, 0x1, 0x0, 0x0, 0x24000094}, 0x2404c081) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="89a8f7eedf561332db673be836a903f26123a34e5d250b8c5a57b8f62089c21b1fe9e827703309564368bc582cbf1cf2d384c21b706322f6d5dfbfc5c0a640ceb70f97c3562ed4ef8250a4b485cdcf90493dc30a1401d3", @ANYRES16=r4, @ANYBLOB], 0x3}, 0x1, 0x0, 0x0, 0x20000010}, 0x810) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xd0, r4, 0x400, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xdd1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc510}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NODE={0x90, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x87, 0x3, "047558220f3ebbd2de093e083a9056ef7987a6ae946e3602cd3f7bf86f5bb2ecf7087c0ca71437333b434d58e101f4c273c5d4291eb592542d3b06a714b99d3b43cb36cdf9ed189d8ed96bfd5c8fd574e0e6bec9860ba20e45a0e16d5ed45f1fc19bb7b748eacd23afbf1aa7584ff389c5f8d7848b6f3ffeb0617817551faa40257eb9"}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) [ 873.842647][ T27] audit: type=1804 audit(1600651757.940:161): pid=21142 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/460/bus" dev="sda1" ino=16027 res=1 errno=0 [ 873.916129][T21148] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 873.924638][T21148] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 874.035761][T21148] F2FS-fs (loop5): invalid crc_offset: 0 [ 874.132582][T21148] F2FS-fs (loop5): invalid crc_offset: 0 [ 874.138512][T21148] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:18 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:18 executing program 4: setns(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xb0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[{0x0}], 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) 01:29:18 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:18 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:19 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 875.271144][T21186] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 875.279317][T21186] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 875.290344][T21186] F2FS-fs (loop5): invalid crc_offset: 0 [ 875.298323][T21186] F2FS-fs (loop5): invalid crc_offset: 0 [ 875.304151][T21186] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 875.570454][T21161] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 875.683574][ T27] audit: type=1804 audit(1600651759.780:162): pid=21192 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/461/bus" dev="sda1" ino=15742 res=1 errno=0 [ 876.501289][T21161] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:20 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000)="9a365972", 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x298, 0x0, 0x0, [{{0x2, 0x0, 0x100, 0x4, 0x1000, 0x1, {0x2, 0x100000001, 0x8, 0x8, 0x7, 0x1, 0xae0e, 0x7, 0x80000000, 0xc000, 0x0, 0x0, 0xee00, 0x82, 0x80}}, {0x0, 0x7fff, 0x9, 0x420, '/dev/kvm\x00'}}, {{0x3, 0x1, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x36f, 0x1f, 0x0, 0x5, 0x6, 0xffffffff, 0x6000, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x1000, 0x9, 0x4, '/dev/kvm\x00'}}, {{0x6, 0x0, 0x101, 0x6, 0x7, 0x3, {0x3, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x100, 0x6, 0xffffff80, 0x6000, 0x2, 0x0, 0x0, 0x80000000, 0x8}}, {0x2, 0x3, 0x2, 0x9, '!+'}}, {{0x1, 0x2, 0x80000001, 0x7ff, 0xffffffff, 0x81, {0x5, 0x80000001, 0x40, 0xdb0, 0x9, 0x1, 0x5, 0xab2b, 0x8, 0x6000, 0x2, 0x0, 0x0, 0x2, 0x7f}}, {0x0, 0x1, 0x0, 0x8}}]}, 0x298) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x0, 0x4}}, 0x14) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:20 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x30, &(0x7f0000000280)={{{@in6=@local, @in=@multicast1}}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, @in=@empty}}, 0xe8) 01:29:20 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:20 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 877.039381][T21211] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 877.047386][T21211] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 877.096032][T21211] F2FS-fs (loop5): invalid crc_offset: 0 [ 877.118369][T21211] F2FS-fs (loop5): invalid crc_offset: 0 [ 877.124364][T21211] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 877.139801][ T27] audit: type=1804 audit(1600651761.240:163): pid=21217 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/462/bus" dev="sda1" ino=16256 res=1 errno=0 01:29:21 executing program 4: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000)="9a365972", 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x298, 0x0, 0x0, [{{0x2, 0x0, 0x100, 0x4, 0x1000, 0x1, {0x2, 0x100000001, 0x8, 0x8, 0x7, 0x1, 0xae0e, 0x7, 0x80000000, 0xc000, 0x0, 0x0, 0xee00, 0x82, 0x80}}, {0x0, 0x7fff, 0x9, 0x420, '/dev/kvm\x00'}}, {{0x3, 0x1, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x36f, 0x1f, 0x0, 0x5, 0x6, 0xffffffff, 0x6000, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x1000, 0x9, 0x4, '/dev/kvm\x00'}}, {{0x6, 0x0, 0x101, 0x6, 0x7, 0x3, {0x3, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x100, 0x6, 0xffffff80, 0x6000, 0x2, 0x0, 0x0, 0x80000000, 0x8}}, {0x2, 0x3, 0x2, 0x9, '!+'}}, {{0x1, 0x2, 0x80000001, 0x7ff, 0xffffffff, 0x81, {0x5, 0x80000001, 0x40, 0xdb0, 0x9, 0x1, 0x5, 0xab2b, 0x8, 0x6000, 0x2, 0x0, 0x0, 0x2, 0x7f}}, {0x0, 0x1, 0x0, 0x8}}]}, 0x298) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x0, 0x4}}, 0x14) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:21 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r4, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:21 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:21 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 877.754129][T21230] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 877.762496][T21230] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 877.790178][T21230] F2FS-fs (loop5): invalid crc_offset: 0 [ 877.797680][T21230] F2FS-fs (loop5): invalid crc_offset: 0 [ 877.803678][T21230] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:22 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 878.059440][ T27] audit: type=1804 audit(1600651762.160:164): pid=21241 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/463/bus" dev="sda1" ino=16263 res=1 errno=0 [ 878.459043][T21252] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 878.467179][T21252] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 878.565388][T21252] F2FS-fs (loop5): invalid crc_offset: 0 [ 878.577638][T21252] F2FS-fs (loop5): invalid crc_offset: 0 [ 878.583862][T21252] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 878.630071][T21234] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:22 executing program 3: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000)="9a365972", 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x298, 0x0, 0x0, [{{0x2, 0x0, 0x100, 0x4, 0x1000, 0x1, {0x2, 0x100000001, 0x8, 0x8, 0x7, 0x1, 0xae0e, 0x7, 0x80000000, 0xc000, 0x0, 0x0, 0xee00, 0x82, 0x80}}, {0x0, 0x7fff, 0x9, 0x420, '/dev/kvm\x00'}}, {{0x3, 0x1, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x36f, 0x1f, 0x0, 0x5, 0x6, 0xffffffff, 0x6000, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x1000, 0x9, 0x4, '/dev/kvm\x00'}}, {{0x6, 0x0, 0x101, 0x6, 0x7, 0x3, {0x3, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x100, 0x6, 0xffffff80, 0x6000, 0x2, 0x0, 0x0, 0x80000000, 0x8}}, {0x2, 0x3, 0x2, 0x9, '!+'}}, {{0x1, 0x2, 0x80000001, 0x7ff, 0xffffffff, 0x81, {0x5, 0x80000001, 0x40, 0xdb0, 0x9, 0x1, 0x5, 0xab2b, 0x8, 0x6000, 0x2, 0x0, 0x0, 0x2, 0x7f}}, {0x0, 0x1, 0x0, 0x8}}]}, 0x298) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x0, 0x4}}, 0x14) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:23 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) 01:29:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:23 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:23 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:23 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 879.539624][ T27] audit: type=1804 audit(1600651763.640:165): pid=21275 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/464/bus" dev="sda1" ino=16265 res=1 errno=0 [ 879.661607][T21277] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 879.671659][T21277] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 879.695303][T21277] F2FS-fs (loop5): invalid crc_offset: 0 [ 879.703013][T21277] F2FS-fs (loop5): invalid crc_offset: 0 [ 879.708980][T21277] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:24 executing program 4: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000)="9a365972", 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) keyctl$chown(0x4, 0x0, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x298, 0x0, 0x0, [{{0x2, 0x0, 0x100, 0x4, 0x1000, 0x1, {0x2, 0x100000001, 0x8, 0x8, 0x7, 0x1, 0xae0e, 0x7, 0x80000000, 0xc000, 0x0, 0x0, 0xee00, 0x82, 0x80}}, {0x0, 0x7fff, 0x9, 0x420, '/dev/kvm\x00'}}, {{0x3, 0x1, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x36f, 0x1f, 0x0, 0x5, 0x6, 0xffffffff, 0x6000, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x1000, 0x9, 0x4, '/dev/kvm\x00'}}, {{0x6, 0x0, 0x101, 0x6, 0x7, 0x3, {0x3, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x100, 0x6, 0xffffff80, 0x6000, 0x2, 0x0, 0x0, 0x80000000, 0x8}}, {0x2, 0x3, 0x2, 0x9, '!+'}}, {{0x1, 0x2, 0x80000001, 0x7ff, 0xffffffff, 0x81, {0x5, 0x80000001, 0x40, 0xdb0, 0x9, 0x1, 0x5, 0xab2b, 0x8, 0x6000, 0x2, 0x0, 0x0, 0x2, 0x7f}}, {0x0, 0x1, 0x0, 0x8}}]}, 0x298) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x0, 0x4}}, 0x14) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:24 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) 01:29:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, 0xffffffffffffffff) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:24 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:24 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 880.512884][T21288] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 880.521098][T21288] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 880.591516][T21288] F2FS-fs (loop5): invalid crc_offset: 0 [ 880.630079][T21288] F2FS-fs (loop5): invalid crc_offset: 0 01:29:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 880.635857][T21288] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 880.931601][ T27] audit: type=1804 audit(1600651765.030:166): pid=21303 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/465/bus" dev="sda1" ino=16265 res=1 errno=0 [ 881.012344][T21264] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:25 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) 01:29:25 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) 01:29:25 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 881.851669][T21328] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 881.859797][T21328] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:26 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 01:29:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 881.992073][T21328] F2FS-fs (loop5): invalid crc_offset: 0 [ 882.019745][T21328] F2FS-fs (loop5): invalid crc_offset: 0 [ 882.025577][T21328] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 882.526518][T21301] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:26 executing program 4: r0 = getpid() r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r1, 0x10e, 0x0, &(0x7f0000000000), 0x0) socket$inet_udplite(0x2, 0x2, 0x88) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000028c0)={0x200, 0x0, 0x0, [{{0x2, 0x0, 0x0, 0x0, 0x1000, 0x1, {0x0, 0x100000001, 0x8, 0x8, 0x7, 0x0, 0x0, 0x7, 0x80000000, 0x0, 0x0, 0x0, 0xee00, 0x0, 0x80}}, {0x0, 0x7fff, 0x9, 0x0, '/dev/kvm\x00'}}, {{0x3, 0x0, 0x0, 0x0, 0x95, 0x6, {0x6, 0x6, 0x9, 0x0, 0x1f, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x0, 0xee01, 0xfffffffa, 0x8}}, {0x0, 0x0, 0x9, 0x0, '/dev/kvm\x00'}}, {{0x0, 0x0, 0x101, 0x6, 0x0, 0x3, {0x0, 0x80, 0x200, 0xfff, 0x2, 0x834e, 0x0, 0x6, 0xffffff80, 0x0, 0x2, 0x0, 0x0, 0x80000000}}, {0x2, 0x3, 0x2, 0x0, '!+'}}]}, 0x200) sched_setscheduler(r0, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:29:26 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(0x0, 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:26 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 01:29:26 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:26 executing program 3: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x4202, r0, 0x0, 0x0) 01:29:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 882.986801][ T27] audit: type=1804 audit(1600651767.080:167): pid=21355 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/466/bus" dev="sda1" ino=16270 res=1 errno=0 01:29:27 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(0x0, 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 883.109131][T21359] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 883.117412][T21359] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:27 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) [ 883.282648][T21359] F2FS-fs (loop5): invalid crc_offset: 0 [ 883.316747][T21359] F2FS-fs (loop5): invalid crc_offset: 0 [ 883.322760][T21359] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 883.683865][ T27] audit: type=1804 audit(1600651767.781:168): pid=21383 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/467/bus" dev="sda1" ino=16278 res=1 errno=0 01:29:27 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:28 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) memfd_create(0x0, 0x0) 01:29:28 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x40}}, 0x0) 01:29:28 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(0x0, 0x9) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 884.204885][T21403] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 884.212898][T21403] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) dup3(r2, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) r4 = fcntl$dupfd(r3, 0x0, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 884.330148][T21403] F2FS-fs (loop5): invalid crc_offset: 0 [ 884.401263][T21403] F2FS-fs (loop5): invalid crc_offset: 0 [ 884.407242][T21403] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 884.481256][ T27] audit: type=1804 audit(1600651768.581:169): pid=21412 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/468/bus" dev="sda1" ino=15988 res=1 errno=0 01:29:28 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x40}}, 0x0) 01:29:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 885.029619][T21426] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 885.094602][T21431] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. 01:29:29 executing program 3: open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x4) r3 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffef3) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r4, r4, 0x0, 0x8080fffffffe) 01:29:29 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:29 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:29 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x40}}, 0x0) 01:29:29 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_GET_THP_DISABLE(0x2a) 01:29:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 886.078769][T21449] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 886.086747][T21449] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:30 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5], 0x40}}, 0x0) [ 886.189410][ T27] audit: type=1804 audit(1600651770.291:170): pid=21446 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/469/bus" dev="sda1" ino=16304 res=1 errno=0 [ 886.209084][T21449] F2FS-fs (loop5): invalid crc_offset: 0 [ 886.293485][T21449] F2FS-fs (loop5): invalid crc_offset: 0 [ 886.299709][T21449] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:30 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x61, &(0x7f00000001c0)=@l2tp={0x2, 0x0, @multicast2}, 0x80) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) memfd_create(0x0, 0x0) 01:29:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 886.573094][T21466] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:30 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:30 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5], 0x40}}, 0x0) [ 887.099011][T21477] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 887.107024][T21477] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 887.268086][T21477] F2FS-fs (loop5): invalid crc_offset: 0 [ 887.308230][T21477] F2FS-fs (loop5): invalid crc_offset: 0 [ 887.314130][T21477] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:31 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 887.400328][T21487] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:31 executing program 3: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x4203, r0, 0x0, &(0x7f0000000200)) 01:29:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x61, &(0x7f00000001c0)=@l2tp={0x2, 0x0, @multicast2}, 0x80) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) memfd_create(0x0, 0x0) 01:29:31 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5], 0x40}}, 0x0) 01:29:31 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 887.736413][ T27] audit: type=1804 audit(1600651771.831:171): pid=21491 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/470/bus" dev="sda1" ino=16249 res=1 errno=0 01:29:32 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, 0x0) [ 888.208183][T21510] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 888.238067][T21511] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 888.245986][T21511] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) memfd_create(0x0, 0x0) [ 888.288292][T21511] F2FS-fs (loop5): invalid crc_offset: 0 [ 888.300324][T21511] F2FS-fs (loop5): invalid crc_offset: 0 [ 888.306179][T21511] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:32 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:32 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x0) [ 888.659126][ T27] audit: type=1804 audit(1600651772.761:172): pid=21517 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/471/bus" dev="sda1" ino=16249 res=1 errno=0 01:29:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, 0x0) 01:29:33 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c63, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_mtu(r1, 0x0, 0xa, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @local={0xac, 0x9, 0xf}}, {0x2, 0x4e23, @empty}, {0x2, 0x4e22, @local}, 0x84, 0x0, 0x0, 0x0, 0x181, &(0x7f00000004c0)='veth1_to_team\x00', 0x800, 0x96030003, 0x7f}) sendto$inet(r1, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x4) perf_event_open(&(0x7f0000000340)={0x5, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x1, 0x89, 0x8e, 0x3, 0x0, 0x1ff, 0x92210, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, @perf_config_ext={0x3ff, 0x7ff}, 0x1812, 0x7, 0x800, 0x5, 0x7ff, 0x4, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000100001929ac17dbf0dd5720000000000", @ANYRES32=0x0, @ANYBLOB="0052000000e90000e87650e4300016802ce6008028026ed6d88c7e246821010000000000ffffffdf000100050000000000000000000000009a8e6c0b5e6e337d568d3d76585ca9203b11660e5f59a2263fbf4e62add0cec92a8f7e34ca489f60140190d9bdfe2957e343b31578486a50e96f828cc6"], 0x50}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000400)={'ip6_vti0\x00', 0x0, 0x4, 0xe0, 0x80, 0x7, 0x10, @loopback, @empty, 0x80, 0x40, 0x20, 0x6}}) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc, &(0x7f00000003c0)=[{&(0x7f00000005c0)={0x348, 0x38, 0x0, 0x70bd2c, 0x25dfdbfe, "", [@nested={0x241, 0x6a, 0x0, 0x1, [@generic="53c89f16d962606bd97b952c87252c9e8dcfead6e817f17c6d5f4e6f36ea56b6cd68126e4287cb090fe7c5b43c8617f9dc9954ab05c2c6b13412c5c1aaab9095afeaa357e339d5a6e297157a2b3ab4eb128bb091eba44eb42c38350c028c3a6044d0788e6d608881b121b501f02fcd797f5c6af65bee66b203120a2605ee4d2bb4f7c50662ac2dfb2ef4a0e55c3f678a2421e8c56b7ad83d13ed963c983c5ace7d12a35a7b1ef5d864110d74227bbe92cbf83c75d7bfde1028c91cd33822833248f467e546b0717bd1d88e018063d3ba91301a0c73176fbd7c524319e1ed0e81ada9402a67ef370a071368b456dcfdb8bc8405e8db08c1a6", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@mcast2}, @generic="dec48310c0830325c27de8aec23003d09c24130567c8b417a385e00716e999bd57c0e64f6e1b5afad8f31f9994f892a85134dd6647ae64557d4fa6ca5f1d0fb8d6236d844aca6405661476dc8860ec18a67f1aa97c7521e5a0582ab61146ba5b29b8ba99f40eb4646988e41423c21f5bcee77ff0df4971b001a0d612eabf302950ffdce5133b70d49747e9629a0d3f87d092573b70164382c4435af46c713902a8fc9e489ee14d49c29b4187029b3372400a182ebc39de3fc183", @typed={0x8, 0x94, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="e055b0f188cf223b5ff6973124a46852", @typed={0xc, 0x50, 0x0, 0x0, @u64=0x6}, @generic="e7542023e2fc23ac5e6491f3003599abf5bc44ce499f3d165a99fdd9d59d1db83e0c99cdd3ad5fe791252e9ea8104138e4713f491073834b281429d353077a5d6df132e0f54425c68521cb603e488ad82eb994"]}, @typed={0x8, 0x92, 0x0, 0x0, @u32=0x99}, @generic="cbc6943baca1cea814aeb48a2e13ce02c228ba7828f0834ac582cc7cf6279beecb2e43949bbc76f7424d49554cdbd5b071643b15c08691a4d120bf3a9fcc9c70b4221ee50d82752401560d74d54699ba26653ade09a1d5d94192193b2aafe78b1ce493f60c085e8ab35d9c2b79822f40ff3e5be360b233a870c4b31f7e407a580a3ed4f6964ec836ad6081de5d9c9f7ca6655ba4af0085248f806c1ea776e819c803b5615c769be274c71be8d33c51d1105d62c7c8f567517be8317d3fdfad4b506ff6473f8dfca08e3e90029d99450d658c937bfd522c5792202d8b527b190a5d0e8dc621480fddad"]}, 0x348}, {&(0x7f0000000940)={0xc8, 0x9, 0x200, 0x70bd2d, 0x25dfdbff, "", [@generic="b4ed8043ba67eaa741146a83c0b734949245fc67c01ae8a1c7960cdd449d75eb158a1f2e971d6221fae36bda4dc09df020acf9e4694787a9990a51f5aa37353617272c89885aa2398f89f89709a2ae372be68d53164f1ef577fdaf8a3dab1afe4f4d7106e7ebcb13e6eb51cf3ab4fe733d644260694f3d37c874eea37d070c9d81184dbadfdad12c3207640cb871a4dcd3c90dd87f4f62f9ed4ee2d36d521cada5aa111b8c090dcd8f18b07922354b422aac888c1ae9"]}, 0xc8}], 0x2, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x80, 0x84}, 0x40800) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpid() r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00') preadv(r4, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, 0x20, 0x4) migrate_pages(r3, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) write$cgroup_type(r2, &(0x7f0000000080)='threaded\x00', 0xd10a) 01:29:33 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:33 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000002500)=[{&(0x7f0000000000)=""/28, 0x1c}], 0x1) [ 889.032352][T21536] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 889.040741][T21536] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 889.054616][T21536] F2FS-fs (loop5): invalid crc_offset: 0 [ 889.067082][T21536] F2FS-fs (loop5): invalid crc_offset: 0 [ 889.073071][T21536] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 889.106831][T21538] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:33 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:33 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x0) [ 889.531881][ T27] audit: type=1804 audit(1600651773.631:173): pid=21552 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/472/bus" dev="sda1" ino=16316 res=1 errno=0 [ 889.676108][T21557] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 889.684218][T21557] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:33 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 889.842092][T21557] F2FS-fs (loop5): invalid crc_offset: 0 01:29:34 executing program 4: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x800002, 0x10, r0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x1000f4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r1, &(0x7f00000001c0), 0xfffffef3) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r4, r4, 0x0, 0x8080fffffffe) [ 889.998813][T21557] F2FS-fs (loop5): invalid crc_offset: 0 [ 890.004665][T21557] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 890.032591][ T27] audit: type=1804 audit(1600651774.131:174): pid=21560 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/473/bus" dev="sda1" ino=16316 res=1 errno=0 [ 890.121358][T21563] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, 0x0) 01:29:34 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:34 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:34 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c63, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_mtu(r1, 0x0, 0xa, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @local={0xac, 0x9, 0xf}}, {0x2, 0x4e23, @empty}, {0x2, 0x4e22, @local}, 0x84, 0x0, 0x0, 0x0, 0x181, &(0x7f00000004c0)='veth1_to_team\x00', 0x800, 0x96030003, 0x7f}) sendto$inet(r1, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x4) perf_event_open(&(0x7f0000000340)={0x5, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x1, 0x89, 0x8e, 0x3, 0x0, 0x1ff, 0x92210, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, @perf_config_ext={0x3ff, 0x7ff}, 0x1812, 0x7, 0x800, 0x5, 0x7ff, 0x4, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000100001929ac17dbf0dd5720000000000", @ANYRES32=0x0, @ANYBLOB="0052000000e90000e87650e4300016802ce6008028026ed6d88c7e246821010000000000ffffffdf000100050000000000000000000000009a8e6c0b5e6e337d568d3d76585ca9203b11660e5f59a2263fbf4e62add0cec92a8f7e34ca489f60140190d9bdfe2957e343b31578486a50e96f828cc6"], 0x50}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000400)={'ip6_vti0\x00', 0x0, 0x4, 0xe0, 0x80, 0x7, 0x10, @loopback, @empty, 0x80, 0x40, 0x20, 0x6}}) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc, &(0x7f00000003c0)=[{&(0x7f00000005c0)={0x348, 0x38, 0x0, 0x70bd2c, 0x25dfdbfe, "", [@nested={0x241, 0x6a, 0x0, 0x1, [@generic="53c89f16d962606bd97b952c87252c9e8dcfead6e817f17c6d5f4e6f36ea56b6cd68126e4287cb090fe7c5b43c8617f9dc9954ab05c2c6b13412c5c1aaab9095afeaa357e339d5a6e297157a2b3ab4eb128bb091eba44eb42c38350c028c3a6044d0788e6d608881b121b501f02fcd797f5c6af65bee66b203120a2605ee4d2bb4f7c50662ac2dfb2ef4a0e55c3f678a2421e8c56b7ad83d13ed963c983c5ace7d12a35a7b1ef5d864110d74227bbe92cbf83c75d7bfde1028c91cd33822833248f467e546b0717bd1d88e018063d3ba91301a0c73176fbd7c524319e1ed0e81ada9402a67ef370a071368b456dcfdb8bc8405e8db08c1a6", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@mcast2}, @generic="dec48310c0830325c27de8aec23003d09c24130567c8b417a385e00716e999bd57c0e64f6e1b5afad8f31f9994f892a85134dd6647ae64557d4fa6ca5f1d0fb8d6236d844aca6405661476dc8860ec18a67f1aa97c7521e5a0582ab61146ba5b29b8ba99f40eb4646988e41423c21f5bcee77ff0df4971b001a0d612eabf302950ffdce5133b70d49747e9629a0d3f87d092573b70164382c4435af46c713902a8fc9e489ee14d49c29b4187029b3372400a182ebc39de3fc183", @typed={0x8, 0x94, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="e055b0f188cf223b5ff6973124a46852", @typed={0xc, 0x50, 0x0, 0x0, @u64=0x6}, @generic="e7542023e2fc23ac5e6491f3003599abf5bc44ce499f3d165a99fdd9d59d1db83e0c99cdd3ad5fe791252e9ea8104138e4713f491073834b281429d353077a5d6df132e0f54425c68521cb603e488ad82eb994"]}, @typed={0x8, 0x92, 0x0, 0x0, @u32=0x99}, @generic="cbc6943baca1cea814aeb48a2e13ce02c228ba7828f0834ac582cc7cf6279beecb2e43949bbc76f7424d49554cdbd5b071643b15c08691a4d120bf3a9fcc9c70b4221ee50d82752401560d74d54699ba26653ade09a1d5d94192193b2aafe78b1ce493f60c085e8ab35d9c2b79822f40ff3e5be360b233a870c4b31f7e407a580a3ed4f6964ec836ad6081de5d9c9f7ca6655ba4af0085248f806c1ea776e819c803b5615c769be274c71be8d33c51d1105d62c7c8f567517be8317d3fdfad4b506ff6473f8dfca08e3e90029d99450d658c937bfd522c5792202d8b527b190a5d0e8dc621480fddad"]}, 0x348}, {&(0x7f0000000940)={0xc8, 0x9, 0x200, 0x70bd2d, 0x25dfdbff, "", [@generic="b4ed8043ba67eaa741146a83c0b734949245fc67c01ae8a1c7960cdd449d75eb158a1f2e971d6221fae36bda4dc09df020acf9e4694787a9990a51f5aa37353617272c89885aa2398f89f89709a2ae372be68d53164f1ef577fdaf8a3dab1afe4f4d7106e7ebcb13e6eb51cf3ab4fe733d644260694f3d37c874eea37d070c9d81184dbadfdad12c3207640cb871a4dcd3c90dd87f4f62f9ed4ee2d36d521cada5aa111b8c090dcd8f18b07922354b422aac888c1ae9"]}, 0xc8}], 0x2, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x80, 0x84}, 0x40800) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpid() r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00') preadv(r4, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, 0x20, 0x4) migrate_pages(r3, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) write$cgroup_type(r2, &(0x7f0000000080)='threaded\x00', 0xd10a) 01:29:34 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x0) [ 890.738678][ T27] audit: type=1804 audit(1600651774.841:175): pid=21575 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/474/bus" dev="sda1" ino=16285 res=1 errno=0 [ 890.917231][T21584] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 891.002610][T21587] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 891.010878][T21587] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:35 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:35 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f"], 0x40}}, 0x0) [ 891.125502][T21587] F2FS-fs (loop5): invalid crc_offset: 0 [ 891.149383][T21587] F2FS-fs (loop5): invalid crc_offset: 0 [ 891.155445][T21587] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 891.576970][ T27] audit: type=1804 audit(1600651775.671:176): pid=21595 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/475/bus" dev="sda1" ino=16285 res=1 errno=0 01:29:35 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:35 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c63, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_mtu(r1, 0x0, 0xa, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @local={0xac, 0x14, 0xf}}, {0x2, 0x4e23, @empty}, {0x2, 0x4e22, @local}, 0x84, 0x0, 0x0, 0x0, 0x181, &(0x7f00000004c0)='veth1_to_team\x00', 0x800, 0x96030180, 0x7f}) sendto$inet(r1, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x4) perf_event_open(&(0x7f0000000340)={0x5, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x1, 0x89, 0x8e, 0x3, 0x0, 0x1ff, 0x92210, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, @perf_config_ext={0x3ff, 0x7ff}, 0x1812, 0x7, 0x800, 0x5, 0x7ff, 0x4, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000100001929ac17dbf0dd5720000000000", @ANYRES32=0x0, @ANYBLOB="0052000000e90000e87650e4300016802ce6008028026ed6d88c7e246821010000000000ffffffdf000100050000000000000000000000009a8e6c0b5e6e337d568d3d76585ca9203b11660e5f59a2263fbf4e62add0cec92a8f7e34ca489f60140190d9bdfe2957e343b31578486a50e96f828cc6"], 0x50}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000400)={'ip6_vti0\x00', 0x0, 0x4, 0xe0, 0x80, 0x7, 0x10, @loopback, @empty, 0x80, 0x40, 0x20, 0x6}}) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc, &(0x7f00000003c0)=[{&(0x7f00000005c0)={0x348, 0x38, 0x0, 0x70bd2c, 0x25dfdbfe, "", [@nested={0x241, 0x6a, 0x0, 0x1, [@generic="53c89f16d962606bd97b952c87252c9e8dcfead6e817f17c6d5f4e6f36ea56b6cd68126e4287cb090fe7c5b43c8617f9dc9954ab05c2c6b13412c5c1aaab9095afeaa357e339d5a6e297157a2b3ab4eb128bb091eba44eb42c38350c028c3a6044d0788e6d608881b121b501f02fcd797f5c6af65bee66b203120a2605ee4d2bb4f7c50662ac2dfb2ef4a0e55c3f678a2421e8c56b7ad83d13ed963c983c5ace7d12a35a7b1ef5d864110d74227bbe92cbf83c75d7bfde1028c91cd33822833248f467e546b0717bd1d88e018063d3ba91301a0c73176fbd7c524319e1ed0e81ada9402a67ef370a071368b456dcfdb8bc8405e8db08c1a6", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@mcast2}, @generic="dec48310c0830325c27de8aec23003d09c24130567c8b417a385e00716e999bd57c0e64f6e1b5afad8f31f9994f892a85134dd6647ae64557d4fa6ca5f1d0fb8d6236d844aca6405661476dc8860ec18a67f1aa97c7521e5a0582ab61146ba5b29b8ba99f40eb4646988e41423c21f5bcee77ff0df4971b001a0d612eabf302950ffdce5133b70d49747e9629a0d3f87d092573b70164382c4435af46c713902a8fc9e489ee14d49c29b4187029b3372400a182ebc39de3fc183", @typed={0x8, 0x94, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="e055b0f188cf223b5ff6973124a46852", @typed={0xc, 0x50, 0x0, 0x0, @u64=0x6}, @generic="e7542023e2fc23ac5e6491f3003599abf5bc44ce499f3d165a99fdd9d59d1db83e0c99cdd3ad5fe791252e9ea8104138e4713f491073834b281429d353077a5d6df132e0f54425c68521cb603e488ad82eb994"]}, @typed={0x8, 0x92, 0x0, 0x0, @u32=0x99}, @generic="cbc6943baca1cea814aeb48a2e13ce02c228ba7828f0834ac582cc7cf6279beecb2e43949bbc76f7424d49554cdbd5b071643b15c08691a4d120bf3a9fcc9c70b4221ee50d82752401560d74d54699ba26653ade09a1d5d94192193b2aafe78b1ce493f60c085e8ab35d9c2b79822f40ff3e5be360b233a870c4b31f7e407a580a3ed4f6964ec836ad6081de5d9c9f7ca6655ba4af0085248f806c1ea776e819c803b5615c769be274c71be8d33c51d1105d62c7c8f567517be8317d3fdfad4b506ff6473f8dfca08e3e90029d99450d658c937bfd522c5792202d8b527b190a5d0e8dc621480fddad"]}, 0x348}, {&(0x7f0000000940)={0xc8, 0x9, 0x200, 0x70bd2d, 0x25dfdbff, "", [@generic="b4ed8043ba67eaa741146a83c0b734949245fc67c01ae8a1c7960cdd449d75eb158a1f2e971d6221fae36bda4dc09df020acf9e4694787a9990a51f5aa37353617272c89885aa2398f89f89709a2ae372be68d53164f1ef577fdaf8a3dab1afe4f4d7106e7ebcb13e6eb51cf3ab4fe733d644260694f3d37c874eea37d070c9d81184dbadfdad12c3207640cb871a4dcd3c90dd87f4f62f9ed4ee2d36d521cada5aa111b8c090dcd8f18b07922354b422aac888c1ae9"]}, 0xc8}], 0x2, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x80, 0x84}, 0x40800) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = getpid() r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00') preadv(r4, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, 0x20, 0x4) migrate_pages(r3, 0x5, &(0x7f0000000200)=0xb02, &(0x7f0000000240)=0x1) write$cgroup_type(r2, &(0x7f0000000080)='threaded\x00', 0xd10a) 01:29:35 executing program 4: sched_setattr(0xffffffffffffffff, 0x0, 0x0) migrate_pages(0x0, 0x0, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xb0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[{0x0}], 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 01:29:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:35 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:36 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f"], 0x40}}, 0x0) [ 892.170358][T21608] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 892.178495][T21608] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 892.193921][T21608] F2FS-fs (loop5): invalid crc_offset: 0 [ 892.207321][T21608] F2FS-fs (loop5): invalid crc value [ 892.212816][T21608] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:36 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f"], 0x40}}, 0x0) 01:29:36 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 892.608817][ T27] audit: type=1804 audit(1600651776.711:177): pid=21621 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/476/bus" dev="sda1" ino=16378 res=1 errno=0 01:29:36 executing program 3: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="5500000018007f1412fe01b2a4a280930a06000000a84306910000000b000f0035020000060000001900154002000001d40000dc1338d54400009b84136ef75afb83de44110016000d0002000000060cec4faba7d4", 0x55}], 0x1}, 0x0) 01:29:36 executing program 4: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = gettid() tkill(r1, 0x14) ptrace(0x10, r0) ptrace$peeksig(0x4201, r0, &(0x7f00000001c0), &(0x7f0000000200)) 01:29:37 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 893.174249][T21645] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 893.182329][T21645] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 893.213853][T21650] netlink: 'syz-executor.3': attribute type 15 has an invalid length. [ 893.222477][T21650] netlink: 'syz-executor.3': attribute type 21 has an invalid length. 01:29:37 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f00"], 0x40}}, 0x0) [ 893.304020][T21645] F2FS-fs (loop5): invalid crc_offset: 0 [ 893.341873][ T27] audit: type=1804 audit(1600651777.441:178): pid=21653 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/477/bus" dev="sda1" ino=16369 res=1 errno=0 [ 893.343497][T21645] F2FS-fs (loop5): invalid crc value [ 893.373015][T21645] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:37 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:37 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:37 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f00"], 0x40}}, 0x0) 01:29:37 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 894.137608][ T27] audit: type=1804 audit(1600651778.231:179): pid=21674 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/478/bus" dev="sda1" ino=16380 res=1 errno=0 01:29:38 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f00"], 0x40}}, 0x0) [ 894.215761][T21681] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 894.224081][T21681] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 894.232663][T21682] BTRFS: device fsid 88cbc9ea-67e0-4b3d-8392-b4c950cd68d5 devid 1 transid 7 /dev/loop3 scanned by syz-executor.3 (21682) [ 894.294211][T21682] BTRFS info (device loop3): use zlib compression, level 3 [ 894.302058][T21682] BTRFS info (device loop3): disk space caching is enabled [ 894.309845][T21682] BTRFS info (device loop3): has skinny extents [ 894.371741][T21681] F2FS-fs (loop5): invalid crc_offset: 0 [ 894.411615][T21681] F2FS-fs (loop5): invalid crc value [ 894.417428][T21681] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:38 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 894.703658][T21682] attempt to access beyond end of device [ 894.709622][T21682] loop3: rw=4096, want=43072, limit=267 [ 894.720915][ T27] audit: type=1804 audit(1600651778.821:180): pid=21703 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/479/bus" dev="sda1" ino=16382 res=1 errno=0 [ 894.727489][T21682] attempt to access beyond end of device [ 894.752260][T21682] loop3: rw=4096, want=59456, limit=267 [ 894.763914][T21682] BTRFS error (device loop3): failed to read chunk root [ 894.785633][T21682] BTRFS error (device loop3): open_ctree failed [ 894.863901][T21682] BTRFS info (device loop3): use zlib compression, level 3 [ 894.872412][T21682] BTRFS info (device loop3): disk space caching is enabled [ 894.879901][T21682] BTRFS info (device loop3): has skinny extents 01:29:39 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:39 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 894.980771][T21682] BTRFS error (device loop3): open_ctree failed [ 895.308652][T21732] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 895.316624][T21732] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 895.366711][T21732] F2FS-fs (loop5): invalid crc_offset: 0 [ 895.416066][T21732] F2FS-fs (loop5): invalid crc_offset: 0 [ 895.421961][T21732] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:40 executing program 4: open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) pipe(&(0x7f0000000140)) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffef3) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r1, r1, 0x0, 0x8080fffffffe) 01:29:40 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:40 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:40 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:40 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 896.414317][T21752] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 896.422472][T21752] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 896.439894][T21752] F2FS-fs (loop5): invalid crc_offset: 0 [ 896.443001][ T27] audit: type=1804 audit(1600651780.541:181): pid=21749 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/480/bus" dev="sda1" ino=16370 res=1 errno=0 [ 896.449101][T21752] F2FS-fs (loop5): invalid crc_offset: 0 [ 896.477026][T21752] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 896.608289][T21757] BTRFS info (device loop3): use zlib compression, level 3 [ 896.615743][T21757] BTRFS info (device loop3): disk space caching is enabled [ 896.623522][T21757] BTRFS info (device loop3): has skinny extents 01:29:40 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:40 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012500)="000000000000000000000000000000000000000000080000000510ec", 0x1c, 0x601320}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 896.825760][T21757] attempt to access beyond end of device [ 896.831715][T21757] loop3: rw=4096, want=43072, limit=267 [ 896.849792][T21757] attempt to access beyond end of device [ 896.855531][T21757] loop3: rw=4096, want=59456, limit=267 01:29:41 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 896.939454][T21757] BTRFS error (device loop3): failed to read chunk root [ 897.023118][ T27] audit: type=1804 audit(1600651781.121:182): pid=21792 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/481/bus" dev="sda1" ino=16367 res=1 errno=0 [ 897.078334][T21757] BTRFS error (device loop3): open_ctree failed [ 897.113570][T21793] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) 01:29:41 executing program 4: setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000580)={0x5, {{0xa, 0x4e20, 0x0, @private1, 0x2}}, 0x0, 0x1, [{{0xa, 0x4e23, 0x1000, @local, 0xffffff91}}]}, 0x110) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) uselib(&(0x7f0000000080)='./file1\x00') chdir(&(0x7f0000000000)='./file1\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) socket(0x25, 0x80000, 0xd3ff) r2 = open(0x0, 0x600ac0, 0x20) syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000380)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="00c1", @ANYRES16, @ANYRES32], 0x78}, 0x1, 0x0, 0x0, 0x40001}, 0x50) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYRES16, @ANYBLOB="000228bd7000fbdbdf250c00000008000400000000001400018008000b007369700008000b00736970000800060001000000"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x63365fd52eed70d1) io_setup(0xc32f, &(0x7f0000001140)=0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/meminfo\x00', 0x0, 0x0) getsockopt$inet_tcp_buf(r4, 0x6, 0x1c, &(0x7f0000000180)=""/14, 0x0) statx(r0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x200, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000340)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e23, 0x9, 0x4e21, 0x0, 0x2, 0xe0, 0x0, 0x62, 0x0, r5}, {0x6, 0xffffffffffffff5f, 0xda, 0x56, 0x0, 0xfffffffffffffff9, 0xfff, 0x2}, {0x9, 0xa50, 0x3, 0x5}, 0x10000, 0x6e6bb4, 0x0, 0x0, 0x3}, {{@in=@multicast2, 0x4d4, 0x33}, 0xa, @in6=@rand_addr=' \x01\x00', 0x3505, 0x0, 0x1, 0x0, 0x0, 0x3, 0x3}}, 0xe8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x4, &(0x7f0000000540)=[&(0x7f00000000c0)={0x784, 0xd, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x800010}]) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000006c0)={{0x0, 0x0, @identifier="a4af906ceb29bcd7e6f04428ec3c7c3f"}, 0x20, 0x0, [], "5d4eab51ba430a439805f0704155ca0cbe32bb88d1de0a36aaac917f349304b9"}) [ 897.121555][T21793] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) 01:29:41 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, &(0x7f0000000540)) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 897.274530][T21793] F2FS-fs (loop5): invalid crc_offset: 0 [ 897.309655][T21793] F2FS-fs (loop5): invalid crc_offset: 0 [ 897.315488][T21793] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:41 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:41 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:41 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 897.797516][ T27] audit: type=1804 audit(1600651781.891:183): pid=21807 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/482/bus" dev="sda1" ino=16377 res=1 errno=0 [ 897.990672][T21816] BTRFS info (device loop3): use zlib compression, level 3 [ 897.998395][T21816] BTRFS info (device loop3): disk space caching is enabled [ 898.005719][T21816] BTRFS info (device loop3): has skinny extents [ 898.077219][T21822] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 898.085132][T21822] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:42 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, &(0x7f0000000540)) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 898.243737][T21822] F2FS-fs (loop5): invalid crc_offset: 0 01:29:42 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 898.333836][T21822] F2FS-fs (loop5): SIT is corrupted node# 2 vs 7 [ 898.340739][T21822] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-117) 01:29:42 executing program 4: r0 = getpid() socket$netlink(0x10, 0x3, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) sched_setscheduler(r0, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0) [ 898.583847][T21816] attempt to access beyond end of device [ 898.589832][T21816] loop3: rw=4096, want=43072, limit=267 [ 898.600254][T21816] attempt to access beyond end of device [ 898.605987][T21816] loop3: rw=4096, want=59456, limit=267 01:29:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0xa5}]}}) [ 898.639265][ T27] audit: type=1804 audit(1600651782.741:184): pid=21848 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/483/bus" dev="sda1" ino=16371 res=1 errno=0 01:29:42 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 898.729862][T21816] BTRFS error (device loop3): failed to read chunk root [ 898.837365][T21816] BTRFS error (device loop3): open_ctree failed 01:29:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:43 executing program 4: r0 = getpid() socket$netlink(0x10, 0x3, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) sched_setscheduler(r0, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0) 01:29:43 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, &(0x7f0000000540)) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:43 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 899.262690][T21868] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 899.271229][T21868] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 899.326024][T21868] F2FS-fs (loop5): invalid crc_offset: 0 [ 899.387648][T21868] F2FS-fs (loop5): invalid crc_offset: 0 [ 899.393623][T21868] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:43 executing program 4: r0 = getpid() socket$netlink(0x10, 0x3, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x0) sched_setscheduler(r0, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sync() r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000100)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0) [ 899.722143][ T27] audit: type=1804 audit(1600651783.822:185): pid=21880 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/484/bus" dev="sda1" ino=15929 res=1 errno=0 01:29:43 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 899.811573][T21881] BTRFS info (device loop3): use zlib compression, level 3 [ 899.819591][T21881] BTRFS info (device loop3): disk space caching is enabled [ 899.827045][T21881] BTRFS info (device loop3): has skinny extents 01:29:44 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[0x0]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:44 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 900.201521][ T27] audit: type=1804 audit(1600651784.302:186): pid=21902 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/485/bus" dev="sda1" ino=15929 res=1 errno=0 [ 900.235525][T21881] attempt to access beyond end of device [ 900.241709][T21881] loop3: rw=4096, want=43072, limit=267 01:29:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4}}) [ 900.294592][T21881] attempt to access beyond end of device [ 900.300576][T21881] loop3: rw=4096, want=59456, limit=267 [ 900.333024][T21911] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 900.341723][T21911] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 900.344106][T21881] BTRFS error (device loop3): failed to read chunk root [ 900.381116][T21909] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:44 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[0x0]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 900.403818][T21911] F2FS-fs (loop5): invalid crc_offset: 0 [ 900.453990][T21911] F2FS-fs (loop5): invalid crc_offset: 0 [ 900.460431][T21911] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:44 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 900.577065][T21881] BTRFS error (device loop3): open_ctree failed 01:29:44 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {0x0, 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 900.922970][T21920] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:45 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:45 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x13, 0x10, 0x3}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r2, @ANYBLOB="00000000000000009500000000000000613756ca1fdec1cb8e17cda153ad0726c89cdaceec68f0d9a3b3ecf09b358159c3273494be17dbfe5c89a7a3da82c7c281f50a0f60206d0e9a4f04ecdf23fe38034b25b3378ebfba332eb9a44406e023c2f9467e079d39e91b0401818513f81839e262c27ed72705f0207d917e7b1314227b002049aa5da6965c5d8bcb7139c535ab17363c1947301ac0f2418894458e2ef584d4e3887d81651ef59a648ddda847af23e32b9e82cc177d5da467ab5d51b53854398729005f549670aa5eb3cf8ebfe1c146f28f7e09e83f5353520cd1f8e3cf30a5d59be6124b05dcc7b4b423fdb038434ed37d405f9073909b16ac971e80ba4e2943a8648966b3076bf7f6c3bb34"], &(0x7f0000000440)='syzkaller\x00', 0x5, 0x270, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x212, 0x10, &(0x7f0000000000), 0xfffffffffffffea8}, 0x48) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv0\x00'}) [ 900.966727][ T27] audit: type=1804 audit(1600651785.062:187): pid=21918 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/486/bus" dev="sda1" ino=15882 res=1 errno=0 01:29:45 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:45 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[0x0]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4}}) [ 901.404859][T21933] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 901.413018][T21933] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 901.506878][ T27] audit: type=1804 audit(1600651785.602:188): pid=21938 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/487/bus" dev="sda1" ino=15858 res=1 errno=0 [ 901.605135][T21933] F2FS-fs (loop5): invalid crc_offset: 0 [ 901.638718][T21941] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:45 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 901.702838][T21933] F2FS-fs (loop5): invalid crc_offset: 0 [ 901.708949][T21933] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:46 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:46 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:46 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 902.471889][ T27] audit: type=1804 audit(1600651786.572:189): pid=21961 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/488/bus" dev="sda1" ino=15858 res=1 errno=0 01:29:46 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 902.647860][T21964] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:46 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 902.788655][T21968] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 902.797359][T21968] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup3(r2, r1, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3) r5 = fcntl$dupfd(r4, 0x0, r1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfa4}}) [ 902.869503][T21968] F2FS-fs (loop5): invalid crc_offset: 0 [ 902.886808][T21968] F2FS-fs (loop5): invalid crc_offset: 0 [ 902.892678][T21968] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:47 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 903.238291][ T27] audit: type=1804 audit(1600651787.332:190): pid=21975 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/489/bus" dev="sda1" ino=15930 res=1 errno=0 01:29:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x30, &(0x7f0000000280)={{{@in6=@local, @in=@multicast1}}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, @in=@empty}}, 0xe8) 01:29:47 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 903.410294][T21981] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:47 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 903.598307][T21991] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 903.606459][T21991] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 903.720288][T21991] F2FS-fs (loop5): invalid crc_offset: 0 01:29:47 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB, @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 903.794851][T21991] F2FS-fs (loop5): invalid crc_offset: 0 [ 903.800962][T21991] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 904.190994][ T27] audit: type=1804 audit(1600651788.292:191): pid=22003 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/490/bus" dev="sda1" ino=15862 res=1 errno=0 01:29:48 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00), 0x0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 904.263964][T22006] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:48 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x2df) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000100), 0x4) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) close(r0) 01:29:48 executing program 2: openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000100)) syz_open_dev$video4linux(&(0x7f0000000280)='/dev/v4l-subdev#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair(0x0, 0xa, 0x0, 0x0) pselect6(0x2000, &(0x7f00000000c0), 0x0, &(0x7f0000000000)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) 01:29:48 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:48 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="8308000000000000180012800800", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 904.806203][T22013] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 904.814585][T22013] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x0, 0x0, 0x0, 0x0) add_key$keyring(&(0x7f0000000080)='keyring\x00', 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140), 0xc, 0x0}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x40000008, 0xfffffffffffffffd, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0)}, 0x44140, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 904.975713][T22013] F2FS-fs (loop5): invalid crc_offset: 0 [ 905.033916][ T27] audit: type=1804 audit(1600651789.132:192): pid=22024 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/491/bus" dev="sda1" ino=16068 res=1 errno=0 [ 905.041182][T22023] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 905.066104][T22013] F2FS-fs (loop5): invalid crc_offset: 0 [ 905.068901][T22023] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 905.084546][T22013] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 905.248051][T22029] kvm_hv_set_msr: 52 callbacks suppressed [ 905.248211][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000008 data 0xfffffffd00000001 [ 905.321123][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000008 data 0xfffffffd00000057 01:29:49 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2c, r1, 0x5, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}, 0x1, 0x6c}, 0x0) [ 905.420351][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000009 data 0xfffffffd0000014d 01:29:49 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:49 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="8308000000000000180012800800", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 905.520916][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000a data 0xfffffffd0000014d [ 905.589017][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000b data 0xfffffffd0000014d [ 905.625554][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000c data 0xfffffffd0000014d [ 905.720782][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000d data 0xfffffffd0000014d [ 905.770766][ T27] audit: type=1804 audit(1600651789.872:193): pid=22039 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/492/bus" dev="sda1" ino=15847 res=1 errno=0 01:29:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 905.826104][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000e data 0xfffffffd0000014d [ 905.881015][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000000f data 0xfffffffd0000014d [ 905.912864][T22045] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 905.920907][T22045] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 905.933292][T22045] F2FS-fs (loop5): invalid crc_offset: 0 [ 905.942521][T22045] F2FS-fs (loop5): invalid crc_offset: 0 [ 905.948492][T22045] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 905.965009][T22029] kvm [22028]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000011 data 0xfffffffd0000014d [ 905.976455][T22047] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 905.976497][T22047] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:50 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="8308000000000000180012800800", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:50 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:50 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:50 executing program 2: open(&(0x7f0000000040)='./bus\x00', 0x1410c2, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) r2 = getpgid(0x0) write(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000001c0), 0xfffffef3) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) sendfile(r3, r3, 0x0, 0x8080fffffffe) 01:29:50 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xe, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x40) [ 906.454616][T22060] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 906.464382][T22060] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 906.581884][ T27] audit: type=1804 audit(1600651790.682:194): pid=22065 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/493/bus" dev="sda1" ino=15958 res=1 errno=0 [ 906.615038][T22066] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 906.623080][T22066] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:50 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 906.774573][T22066] F2FS-fs (loop5): invalid crc_offset: 0 [ 906.824955][T22071] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 906.834543][T22071] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 906.850215][T22066] F2FS-fs (loop5): invalid crc_offset: 0 [ 906.856297][T22066] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:51 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:51 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:51 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffff", 0x63, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 907.227399][T22079] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 907.236984][T22079] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:51 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xe, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x40) [ 907.315127][ T27] audit: type=1804 audit(1600651791.412:195): pid=22081 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/494/bus" dev="sda1" ino=16228 res=1 errno=0 01:29:51 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:51 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 907.700467][T22087] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 907.705237][T22089] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 907.708553][T22087] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 907.718247][T22089] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 907.728815][T22087] F2FS-fs (loop5): invalid crc_offset: 0 [ 907.743620][T22087] F2FS-fs (loop5): invalid crc_offset: 0 01:29:51 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") [ 907.750571][T22087] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:52 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) ftruncate(r4, 0x200004) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x2}, 0x8) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 01:29:52 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 908.101983][ T27] audit: type=1804 audit(1600651792.202:196): pid=22095 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/495/bus" dev="sda1" ino=15846 res=1 errno=0 01:29:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:52 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:52 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 908.431479][T22101] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 908.439543][T22101] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 908.451042][T22101] F2FS-fs (loop5): invalid crc_offset: 0 [ 908.462781][T22101] F2FS-fs (loop5): invalid crc_offset: 0 [ 908.468859][T22101] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:52 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 908.569157][ T27] audit: type=1800 audit(1600651792.672:197): pid=22102 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.4" name="bus" dev="sda1" ino=15755 res=0 errno=0 01:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:29:52 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 908.750237][T22109] BTRFS info (device loop3): use zlib compression, level 3 [ 908.757777][T22109] BTRFS info (device loop3): disk space caching is enabled [ 908.765063][T22109] BTRFS info (device loop3): has skinny extents 01:29:52 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0) [ 908.863967][ T27] audit: type=1804 audit(1600651792.962:198): pid=22115 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/496/bus" dev="sda1" ino=15958 res=1 errno=0 01:29:53 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(0x0, 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 909.075198][T22109] attempt to access beyond end of device [ 909.081403][T22109] loop3: rw=4096, want=43072, limit=267 [ 909.139423][T22134] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 909.147546][T22134] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 909.151520][T22109] attempt to access beyond end of device [ 909.159708][T22134] F2FS-fs (loop5): invalid crc_offset: 0 [ 909.162011][T22109] loop3: rw=4096, want=59456, limit=267 [ 909.170101][T22134] F2FS-fs (loop5): invalid crc_offset: 0 [ 909.179126][T22134] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:53 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 909.304904][T22109] BTRFS error (device loop3): failed to read chunk root 01:29:53 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05", 0x95, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 909.471683][T22142] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 909.480247][T22142] UDF-fs: Scanning with blocksize 512 failed [ 909.520518][T22109] BTRFS error (device loop3): open_ctree failed 01:29:53 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c000280080001", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 909.676811][T22142] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:29:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 909.984631][T22153] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 909.992826][T22153] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 910.050771][T22153] F2FS-fs (loop5): invalid crc_offset: 0 [ 910.060015][T22153] F2FS-fs (loop5): invalid crc_offset: 0 [ 910.066511][T22153] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:54 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0) 01:29:54 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c000280080001", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:54 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:29:54 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:54 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(0x0, 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 910.505044][T22160] BTRFS info (device loop3): use zlib compression, level 3 [ 910.512587][T22160] BTRFS info (device loop3): disk space caching is enabled [ 910.520053][T22160] BTRFS info (device loop3): has skinny extents 01:29:54 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c000280080001", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 910.784577][T22160] attempt to access beyond end of device [ 910.790625][T22160] loop3: rw=4096, want=43072, limit=267 01:29:54 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") [ 910.833606][T22160] attempt to access beyond end of device [ 910.839604][T22160] loop3: rw=4096, want=59456, limit=267 [ 910.849767][T22160] BTRFS error (device loop3): failed to read chunk root [ 910.905604][T22184] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 910.913771][T22184] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 910.941550][T22160] BTRFS error (device loop3): open_ctree failed [ 910.998278][T22188] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 911.006282][T22188] UDF-fs: Scanning with blocksize 512 failed [ 911.026189][T22188] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) [ 911.153168][T22184] F2FS-fs (loop5): invalid crc_offset: 0 [ 911.221208][T22184] F2FS-fs (loop5): invalid crc_offset: 0 [ 911.227511][T22184] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:55 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:55 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0) [ 911.435948][T22198] __nla_validate_parse: 8 callbacks suppressed [ 911.435982][T22198] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:55 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:55 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:56 executing program 2: ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") [ 911.942120][T22206] BTRFS error (device loop3): superblock checksum mismatch [ 911.970940][T22210] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 911.980679][T22206] BTRFS error (device loop3): open_ctree failed 01:29:56 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(0x0, 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 912.030905][T22209] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 912.039264][T22209] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:56 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 912.216564][T22213] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 912.224455][T22213] UDF-fs: Scanning with blocksize 512 failed [ 912.302734][T22209] F2FS-fs (loop5): invalid crc_offset: 0 [ 912.369185][T22209] F2FS-fs (loop5): invalid crc_offset: 0 [ 912.375028][T22209] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 912.416537][T22213] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:29:56 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:29:56 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100", 0xae, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 912.704111][T22226] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:56 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0) 01:29:56 executing program 2: ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:29:57 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff0000000000", @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 912.993023][T22230] BTRFS error (device loop3): superblock checksum mismatch [ 913.092605][T22230] BTRFS error (device loop3): open_ctree failed [ 913.100882][T22234] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 913.109048][T22234] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 913.223739][T22234] F2FS-fs (loop5): invalid crc_offset: 0 [ 913.307491][T22234] F2FS-fs (loop5): invalid crc_offset: 0 [ 913.313445][T22234] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:29:57 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 913.396408][T22241] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 913.404333][T22241] UDF-fs: Scanning with blocksize 512 failed [ 913.428045][T22241] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:29:57 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:57 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:29:57 executing program 2: ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") [ 913.678907][T22247] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 01:29:57 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:58 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 913.997730][T22253] BTRFS error (device loop3): superblock checksum mismatch [ 914.008612][T22253] BTRFS error (device loop3): open_ctree failed [ 914.130367][ T27] audit: type=1804 audit(1600651798.222:199): pid=22257 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/500/bus" dev="sda1" ino=16375 res=1 errno=0 [ 914.252987][T22260] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 914.261309][T22260] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:29:58 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:29:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:29:58 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {0x0, 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 914.341311][T22264] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 914.349414][T22264] UDF-fs: Scanning with blocksize 512 failed [ 914.480477][T22260] F2FS-fs (loop5): invalid crc_offset: 0 [ 914.524281][T22260] F2FS-fs (loop5): invalid crc_offset: 0 [ 914.530307][T22260] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 914.568256][T22264] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:29:59 executing program 4: syz_mount_image$udf(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:29:59 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:29:59 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 914.991460][T22275] BTRFS error (device loop3): superblock checksum mismatch [ 915.079266][T22275] BTRFS error (device loop3): open_ctree failed 01:29:59 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:29:59 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:29:59 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {0x0, 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 915.401605][T22284] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 915.409885][T22284] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 915.578189][T22284] F2FS-fs (loop5): invalid crc_offset: 0 01:29:59 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 915.676412][T22284] F2FS-fs (loop5): invalid crc_offset: 0 [ 915.682263][T22284] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 915.710611][ T27] audit: type=1804 audit(1600651799.812:200): pid=22293 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/501/bus" dev="sda1" ino=16378 res=1 errno=0 01:29:59 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") [ 915.829312][T22296] BTRFS error (device loop3): superblock checksum mismatch [ 915.859909][T22296] BTRFS error (device loop3): open_ctree failed 01:30:00 executing program 4: syz_mount_image$udf(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:00 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {0x0, 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:00 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00", 0xba, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:00 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:00 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000000)="5cd662bcf6df") 01:30:00 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:00 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 916.740375][T22313] BTRFS error (device loop3): superblock checksum mismatch [ 916.761663][T22313] BTRFS error (device loop3): open_ctree failed [ 916.771455][T22316] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 916.779720][T22316] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:30:01 executing program 4: syz_mount_image$udf(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) [ 916.892527][T22316] F2FS-fs (loop5): invalid crc_offset: 0 [ 916.914160][T22316] F2FS-fs (loop5): invalid crc_offset: 0 [ 916.920695][T22316] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:01 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400), 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 917.181174][ T27] audit: type=1804 audit(1600651801.283:201): pid=22326 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/502/bus" dev="sda1" ino=16377 res=1 errno=0 01:30:01 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:01 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:01 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, 0x0) [ 917.540090][T22335] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 917.630466][T22336] BTRFS error (device loop3): superblock checksum mismatch [ 917.731064][T22336] BTRFS error (device loop3): open_ctree failed 01:30:02 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', 0x0, 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:02 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:02 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:30:02 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400), 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 918.157785][T22345] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 918.166085][T22345] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:30:02 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, 0x0) [ 918.343270][T22345] F2FS-fs (loop5): invalid crc_offset: 0 [ 918.375052][T22345] F2FS-fs (loop5): invalid crc_offset: 0 [ 918.381106][T22345] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 918.619103][T22358] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 918.664627][T22360] BTRFS error (device loop3): superblock checksum mismatch 01:30:02 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 918.708171][T22360] BTRFS error (device loop3): open_ctree failed [ 918.723374][ T27] audit: type=1804 audit(1600651802.823:202): pid=22362 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/503/bus" dev="sda1" ino=16369 res=1 errno=0 01:30:03 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', 0x0, 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:03 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, 0x0) 01:30:03 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400), 0x0, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 919.242787][T22370] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 919.250844][T22370] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:30:03 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', 0x0, 0x0, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) [ 919.415961][T22370] F2FS-fs (loop5): invalid crc_offset: 0 [ 919.431230][T22370] F2FS-fs (loop5): invalid crc_offset: 0 [ 919.437346][T22370] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 919.466307][T22378] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. 01:30:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)) [ 919.734589][T22382] BTRFS error (device loop3): superblock checksum mismatch 01:30:03 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:30:03 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:03 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000", 0xc0, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 919.857001][T22382] BTRFS error (device loop3): open_ctree failed 01:30:04 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/314, 0x13a, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 920.212957][T22396] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. 01:30:04 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) [ 920.376308][T22399] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 920.384242][T22399] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 920.394897][ T27] audit: type=1804 audit(1600651804.483:203): pid=22400 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/504/bus" dev="sda1" ino=16372 res=1 errno=0 01:30:04 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)) [ 920.431848][T22399] F2FS-fs (loop5): invalid crc_offset: 0 [ 920.440010][T22399] F2FS-fs (loop5): invalid crc_offset: 0 [ 920.446187][T22399] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 920.553133][T22403] BTRFS error (device loop3): superblock checksum mismatch 01:30:04 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 920.630596][T22403] BTRFS error (device loop3): open_ctree failed 01:30:05 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:05 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/314, 0x13a, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:05 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)) 01:30:05 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) [ 921.183891][T22415] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. 01:30:05 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:30:05 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 921.461519][T22420] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 921.469708][T22420] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 921.551894][T22426] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 921.626353][T22420] F2FS-fs (loop5): invalid crc_offset: 0 [ 921.649943][T22424] BTRFS error (device loop3): superblock checksum mismatch [ 921.662066][T22420] F2FS-fs (loop5): invalid crc_offset: 0 [ 921.668163][T22420] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:05 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) 01:30:05 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662") 01:30:05 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 921.738942][T22424] BTRFS error (device loop3): open_ctree failed 01:30:06 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:06 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/314, 0x13a, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 922.215476][T22441] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 922.239807][ T27] audit: type=1804 audit(1600651806.343:204): pid=22438 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/505/bus" dev="sda1" ino=16371 res=1 errno=0 01:30:06 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x12, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:06 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:06 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662") [ 922.666120][T22445] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 922.674003][T22445] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 922.692860][T22445] F2FS-fs (loop5): invalid crc_offset: 0 [ 922.701003][T22445] F2FS-fs (loop5): invalid crc_offset: 0 [ 922.707036][T22445] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:07 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a00000040000000400000", 0xc3, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 922.880152][T22448] BTRFS error (device loop3): superblock checksum mismatch [ 922.919497][T22448] BTRFS error (device loop3): open_ctree failed [ 922.965550][T22451] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 922.973597][T22451] UDF-fs: Scanning with blocksize 512 failed 01:30:07 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 923.105757][T22459] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 923.113837][T22459] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 923.126092][T22459] F2FS-fs (loop5): invalid crc_offset: 0 [ 923.134414][T22459] F2FS-fs (loop5): invalid crc_offset: 0 [ 923.140916][T22459] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:07 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 923.238685][T22462] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 923.250813][T22451] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:30:07 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/471, 0x1d7, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:07 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}, {&(0x7f0000012400)="01010200240001001bbc18003000000001000a0000040000200000000000000000000000000000000101020025000100863e2c003000000001000116000400004000000000000000100000000000084e6f6e2d416c6c6f63617461626c652053706163650101020029000100ebed1c0030000000010002060004000021000000000000001100000000000866696c6530", 0x90, 0x150000}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:07 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:07 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662") [ 923.750138][T22468] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 923.758316][T22468] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 923.884534][T22468] F2FS-fs (loop5): invalid crc_offset: 0 [ 923.903525][T22474] BTRFS error (device loop3): superblock checksum mismatch [ 923.911885][T22474] BTRFS error (device loop3): open_ctree failed [ 923.918205][ T27] audit: type=1804 audit(1600651808.023:205): pid=22471 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/506/bus" dev="sda1" ino=16367 res=1 errno=0 [ 923.946966][T22468] F2FS-fs (loop5): invalid crc value [ 923.952810][T22468] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:08 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) [ 924.310837][T22482] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. 01:30:08 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/471, 0x1d7, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:08 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff00000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 924.604567][T22485] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 924.612621][T22485] UDF-fs: Scanning with blocksize 512 failed 01:30:08 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 924.764527][T22485] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 01:30:08 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6") [ 924.842438][T22492] BTRFS error (device loop3): superblock checksum mismatch [ 924.851447][T22492] BTRFS error (device loop3): open_ctree failed [ 924.938413][T22491] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 924.946830][T22491] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 925.022022][T22491] F2FS-fs (loop5): invalid crc_offset: 0 [ 925.077131][ T27] audit: type=1804 audit(1600651809.183:206): pid=22500 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/507/bus" dev="sda1" ino=16376 res=1 errno=0 [ 925.136742][T22491] F2FS-fs (loop5): invalid crc value [ 925.142366][T22491] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 925.167987][T22501] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. 01:30:09 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x10, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}, {&(0x7f0000011900)="0501020005000100774320012100000000000000040000000100000400000000000003000000000000000000a57c00000100000000000000800000000000000000000000000000000010e4070913122c1a370e480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e7578205544464653000000000000000000000004050000000000001100000000000000000000008000000001010200150001001bbc18002100000001000a000004000020000000000000000000000000000000010102008200010042fe1c0021000000010000060004000022000000000000001200000000000866696c653001010200b60001000f651c0021000000010000060004000025000000000000001300000000000866696c6531", 0x130, 0x14c400}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:09 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff00000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) 01:30:09 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d001000000000600000000000000000000080000000000300200000000000100"/471, 0x1d7, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:09 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc", 0xc5, 0x604fe0}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:10 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6") [ 925.833760][T22510] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 925.954729][T22515] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 925.962654][T22515] UDF-fs: Scanning with blocksize 512 failed [ 925.982546][T22515] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) [ 926.031121][T22519] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 926.039107][T22519] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 01:30:10 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000940)={0xa, 0x0, 0x0, @empty}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100039f4ffffffffffffff00000000", @ANYRES32, @ANYBLOB="83080000000000001800128008000100736974000c00028008000100", @ANYRES32=r5, @ANYBLOB="08001f0007"], 0x40}}, 0x0) [ 926.073206][T22513] BTRFS error (device loop3): superblock checksum mismatch [ 926.075122][T22519] F2FS-fs (loop5): invalid crc_offset: 0 [ 926.088608][T22519] F2FS-fs (loop5): invalid crc value [ 926.094012][T22519] F2FS-fs (loop5): Failed to get valid F2FS checkpoint 01:30:10 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000100), 0x8080ffffff7e) [ 926.195593][T22513] BTRFS error (device loop3): open_ctree failed 01:30:10 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xf, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}, {&(0x7f0000011800)="0501020065000100badaa8002000000000000000040000000100000400000000000000000000000000000000a53c00000200000000000000440100000000000001000000000000000010e4070913122c1a0238480010e4070913122c1a370e480010e4070913122c1a370e480100000000000000000000000000000000000000002a4c696e757820554446465300000000000000000000000405000000000000000000000000000000000000080000004401000030", 0xb5, 0x14c000}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:10 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:10 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0", 0x226, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) [ 926.530394][T22526] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 926.677262][ T27] audit: type=1804 audit(1600651810.783:207): pid=22530 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/508/bus" dev="sda1" ino=16337 res=1 errno=0 01:30:10 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="5cd662bcf6") [ 926.870813][T22533] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 926.878993][T22533] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 927.061067][T22537] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 927.068965][T22537] UDF-fs: Scanning with blocksize 512 failed [ 927.096450][T22537] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) [ 927.165997][T22533] F2FS-fs (loop5): invalid crc_offset: 0 [ 927.205430][T22533] F2FS-fs (loop5): invalid crc_offset: 0 [ 927.211230][T22533] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 927.233198][T22540] BTRFS error (device loop3): superblock checksum mismatch [ 927.328702][T22540] BTRFS error (device loop3): open_ctree failed 01:30:11 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000400)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @dev, 0x1}, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}, r1}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x2, 0x0, 0x0, @mcast2}, {0x2, 0x0, 0xac141424, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, r1}}, 0x48) 01:30:11 executing program 4: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="010002005f0001007b8ff001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a023848002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)="000000000000000001", 0x9, 0x181e0}, {&(0x7f0000010600)="060002005400010051b0e8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e500104050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="05000200b0000100b2a3f001620000000500000001000000002b4e535230320000000000000000000000000000000000000000000000000000000000000000000004", 0x42, 0x18800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000400000010050000d0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0x188a0}, {&(0x7f0000011200)="090002002b00010083a67600800000000010e4070913122c1a3750350100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e000000ba020000d0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x20000}, {&(0x7f0000011400)="020002003700010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="000102003500010039f7f001100000007810e4070913142c1a0238480300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0x148000}, {&(0x7f0000011700)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900040000200000000000000000000000002a4f5354412055444620436f6d706c69616e74000000005001", 0xda, 0x1480e0}], 0x0, &(0x7f0000000140)=ANY=[]) 01:30:11 executing program 0: pipe(0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000000980), 0x10a9) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000140)='./bus\x00', 0xa) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}]) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, r0, &(0x7f0000000100), 0x8080ffffff7e) 01:30:11 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="7b3befe851dd91e500000000000000000000000000000000000000000000000088cbc9ea67e04b3d8392b4c950cd68d5000001000000000001000000000000005f42485266535f4d07000000000000000040d30100000000004050010000000000000000000000000000000000000000000000080000000000300200000000000600000000000000010000000000000000100000004000000040000000100000810000000500000000000000000000000000000000000000000000006103000000000000010000000001000000000000000000000800000000000080050000000000100000001000000010000000000000000000000000000000000000000000000000000000000000000085784719cdbc4fe28292f47cec16e5ba88cbc9ea67e04b3d8392b4c950cd68d5", 0x12b, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e400005001000000000000800000000000020000000000000000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba0000000100000000002200000000000000000001000000010000100000020001000100000000000000000050010000000085784719cdbc4fe28292f47cec16e5ba01000000000000000000d0010000000085784719cdbc4fe28292f47cec16e5ba", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0", 0x226, 0x10b20}], 0x0, &(0x7f0000000080)={[{@nossd_spread='nossd_spread'}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@compress='compress'}]}) 01:30:11 executing program 5: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c0000000900000002000000010000000000000000400000000000000b0000001e0000000200000002000000020000000200000016000000000400000004000000080000000c0000001000000014000003000000010000000200", 0x6a, 0x400}, {0x0}, {&(0x7f0000011f00)="72f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xa6, 0x600000}, {&(0x7f0000012000)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x600fe0}, {&(0x7f0000012100)="00000000000000000000000000000000000000000000000000000006", 0x1c, 0x6011e0}, {&(0x7f0000012400)="0000000000000006000000020c60", 0xe, 0x6012e0}, {&(0x7f0000012c00)="000000000000000000000000000000000000000000000000000000010000000072f4ab0c0000000000020000000000000b0000000000000015000000150000001000000006000000080000000a000000ffffffffffffffffffffffffffffffffffffffff03000600000000000000000000000000000000000200000004000000ffffffffffffffffffffffffffffffffffffffff05000000000000000000000000000000c5000000060000000100000007000000070000000a0000004000000040000000fc0f", 0xc6}, {&(0x7f0000012d00)="00000000000000000000000000000000000000000000000000000000c910db8c", 0x20, 0x605fe0}], 0x0, &(0x7f0000014b00)) 01:30:11 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) execveat(0xffffffffffffffff, 0x0, &(0x7f0000000240)=[&(0x7f0000000100)='-.{\\]$^+:[!\x00'], 0x0, 0x0) perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000000200052623, 0x800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000100), &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) 01:30:12 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000100)) syz_open_dev$video4linux(&(0x7f0000000280)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x0, &(0x7f0000000300)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair(0x9, 0xa, 0x8b0, &(0x7f00000001c0)) pselect6(0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1000000000000}, 0x0, &(0x7f0000000000)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) [ 928.044746][T22557] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 928.052746][T22557] UDF-fs: Scanning with blocksize 512 failed [ 928.121174][T22562] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 928.129241][T22562] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 928.159832][ T27] audit: type=1804 audit(1600651812.263:208): pid=22558 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir206141261/syzkaller.h682IJ/509/bus" dev="sda1" ino=16374 res=1 errno=0 [ 928.162879][T22562] F2FS-fs (loop5): invalid crc_offset: 0 [ 928.194178][T22562] F2FS-fs (loop5): invalid crc_offset: 0 [ 928.200283][T22562] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 928.284556][T22557] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) [ 928.308198][T22567] BTRFS error (device loop3): superblock checksum mismatch [ 928.372821][T22567] BTRFS error (device loop3): open_ctree failed [ 928.394217][T22557] UDF-fs: error (device loop4): udf_read_inode: (ino 1328) failed !bh [ 928.402751][T22557] ===================================================== [ 928.409802][T22557] BUG: KMSAN: uninit-value in udf_evict_inode+0x382/0x7d0 [ 928.416957][T22557] CPU: 0 PID: 22557 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0 [ 928.425642][T22557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.435710][T22557] Call Trace: [ 928.439021][T22557] dump_stack+0x21c/0x280 [ 928.443381][T22557] kmsan_report+0xf7/0x1e0 [ 928.447837][T22557] __msan_warning+0x58/0xa0 [ 928.452367][T22557] udf_evict_inode+0x382/0x7d0 [ 928.457222][T22557] ? inode_wait_for_writeback+0x2e7/0x320 [ 928.462974][T22557] ? kmsan_get_metadata+0x116/0x180 [ 928.468201][T22557] ? kzalloc+0xd0/0xd0 [ 928.472315][T22557] evict+0x4d3/0xec0 [ 928.476240][T22557] iput+0xc7b/0xf50 [ 928.480075][T22557] iget_failed+0x2cb/0x390 [ 928.484513][T22557] __udf_iget+0x111d/0x4650 [ 928.489052][T22557] ? udf_open_lvid+0x6a8/0x770 [ 928.493840][T22557] udf_fill_super+0x2fa3/0x3330 [ 928.498782][T22557] mount_bdev+0x622/0x910 [ 928.503170][T22557] ? udf_mount+0xe0/0xe0 [ 928.507439][T22557] udf_mount+0xc9/0xe0 [ 928.511581][T22557] legacy_get_tree+0x163/0x2e0 [ 928.516365][T22557] ? lvid_get_unique_id+0x400/0x400 [ 928.521595][T22557] ? legacy_parse_monolithic+0x310/0x310 [ 928.527252][T22557] vfs_get_tree+0xd8/0x5d0 [ 928.531697][T22557] path_mount+0x3d1a/0x5d40 [ 928.536274][T22557] ? getname_flags+0x752/0xc40 [ 928.541076][T22557] do_mount+0x1c6/0x220 [ 928.545307][T22557] __se_compat_sys_mount+0x7b5/0xaa0 [ 928.550628][T22557] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 928.556718][T22557] __ia32_compat_sys_mount+0x62/0x80 [ 928.562023][T22557] __do_fast_syscall_32+0x129/0x180 [ 928.567246][T22557] do_fast_syscall_32+0x6a/0xc0 [ 928.572118][T22557] do_SYSENTER_32+0x73/0x90 [ 928.576650][T22557] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 928.582989][T22557] RIP: 0023:0xf7f14549 [ 928.587072][T22557] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 928.606693][T22557] RSP: 002b:00000000f550df20 EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 928.615126][T22557] RAX: ffffffffffffffda RBX: 00000000f550df7c RCX: 0000000020000100 [ 928.623117][T22557] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 00000000f550dfbc [ 928.631109][T22557] RBP: 00000000f550df7c R08: 0000000000000000 R09: 0000000000000000 [ 928.639101][T22557] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 928.647122][T22557] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 928.655114][T22557] [ 928.657449][T22557] Uninit was stored to memory at: [ 928.662499][T22557] kmsan_internal_chain_origin+0xad/0x130 [ 928.668237][T22557] __msan_chain_origin+0x50/0x90 [ 928.673190][T22557] udf_alloc_inode+0x2ab/0x2d0 [ 928.677966][T22557] iget_locked+0x37a/0x13f0 [ 928.682485][T22557] __udf_iget+0x152/0x4650 [ 928.686914][T22557] udf_fill_super+0x2fa3/0x3330 [ 928.691777][T22557] mount_bdev+0x622/0x910 [ 928.696119][T22557] udf_mount+0xc9/0xe0 [ 928.700206][T22557] legacy_get_tree+0x163/0x2e0 [ 928.704982][T22557] vfs_get_tree+0xd8/0x5d0 [ 928.709404][T22557] path_mount+0x3d1a/0x5d40 [ 928.713902][T22557] do_mount+0x1c6/0x220 [ 928.718075][T22557] __se_compat_sys_mount+0x7b5/0xaa0 [ 928.723353][T22557] __ia32_compat_sys_mount+0x62/0x80 [ 928.728667][T22557] __do_fast_syscall_32+0x129/0x180 [ 928.733861][T22557] do_fast_syscall_32+0x6a/0xc0 [ 928.738721][T22557] do_SYSENTER_32+0x73/0x90 [ 928.743235][T22557] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 928.749554][T22557] [ 928.751879][T22557] Uninit was created at: [ 928.756120][T22557] kmsan_save_stack_with_flags+0x3c/0x90 [ 928.761746][T22557] kmsan_alloc_page+0xc5/0x1a0 [ 928.767000][T22557] __alloc_pages_nodemask+0xf34/0x1120 [ 928.772502][T22557] alloc_pages_current+0x685/0xb50 [ 928.777617][T22557] allocate_slab+0x2fe/0x1180 [ 928.782287][T22557] ___slab_alloc+0xd65/0x1940 [ 928.786962][T22557] kmem_cache_alloc+0x9fe/0xc80 [ 928.791808][T22557] udf_alloc_inode+0x60/0x2d0 [ 928.796494][T22557] iget_locked+0x37a/0x13f0 [ 928.800992][T22557] __udf_iget+0x152/0x4650 [ 928.805400][T22557] udf_fill_super+0x2fa3/0x3330 [ 928.810241][T22557] mount_bdev+0x622/0x910 [ 928.814578][T22557] udf_mount+0xc9/0xe0 [ 928.818644][T22557] legacy_get_tree+0x163/0x2e0 [ 928.823399][T22557] vfs_get_tree+0xd8/0x5d0 [ 928.827809][T22557] path_mount+0x3d1a/0x5d40 [ 928.832323][T22557] do_mount+0x1c6/0x220 [ 928.836489][T22557] __se_compat_sys_mount+0x7b5/0xaa0 [ 928.841790][T22557] __ia32_compat_sys_mount+0x62/0x80 [ 928.847069][T22557] __do_fast_syscall_32+0x129/0x180 [ 928.852263][T22557] do_fast_syscall_32+0x6a/0xc0 [ 928.857104][T22557] do_SYSENTER_32+0x73/0x90 [ 928.861600][T22557] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 928.867911][T22557] ===================================================== [ 928.874831][T22557] Disabling lock debugging due to kernel taint [ 928.880971][T22557] Kernel panic - not syncing: panic_on_warn set ... [ 928.887571][T22557] CPU: 0 PID: 22557 Comm: syz-executor.4 Tainted: G B 5.9.0-rc4-syzkaller #0 [ 928.897616][T22557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.907659][T22557] Call Trace: [ 928.910952][T22557] dump_stack+0x21c/0x280 [ 928.915364][T22557] panic+0x4d7/0xef7 [ 928.919428][T22557] ? add_taint+0x17c/0x210 [ 928.923853][T22557] kmsan_report+0x1df/0x1e0 [ 928.928364][T22557] __msan_warning+0x58/0xa0 [ 928.932882][T22557] udf_evict_inode+0x382/0x7d0 [ 928.937796][T22557] ? inode_wait_for_writeback+0x2e7/0x320 [ 928.943548][T22557] ? kmsan_get_metadata+0x116/0x180 [ 928.948841][T22557] ? kzalloc+0xd0/0xd0 [ 928.952905][T22557] evict+0x4d3/0xec0 [ 928.956800][T22557] iput+0xc7b/0xf50 [ 928.960609][T22557] iget_failed+0x2cb/0x390 [ 928.965025][T22557] __udf_iget+0x111d/0x4650 [ 928.969532][T22557] ? udf_open_lvid+0x6a8/0x770 [ 928.974317][T22557] udf_fill_super+0x2fa3/0x3330 [ 928.979183][T22557] mount_bdev+0x622/0x910 [ 928.983508][T22557] ? udf_mount+0xe0/0xe0 [ 928.987760][T22557] udf_mount+0xc9/0xe0 [ 928.991833][T22557] legacy_get_tree+0x163/0x2e0 [ 928.996593][T22557] ? lvid_get_unique_id+0x400/0x400 [ 929.001793][T22557] ? legacy_parse_monolithic+0x310/0x310 [ 929.007429][T22557] vfs_get_tree+0xd8/0x5d0 [ 929.011869][T22557] path_mount+0x3d1a/0x5d40 [ 929.016401][T22557] ? getname_flags+0x752/0xc40 [ 929.021175][T22557] do_mount+0x1c6/0x220 [ 929.025337][T22557] __se_compat_sys_mount+0x7b5/0xaa0 [ 929.030624][T22557] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 929.036719][T22557] __ia32_compat_sys_mount+0x62/0x80 [ 929.042021][T22557] __do_fast_syscall_32+0x129/0x180 [ 929.047254][T22557] do_fast_syscall_32+0x6a/0xc0 [ 929.052108][T22557] do_SYSENTER_32+0x73/0x90 [ 929.056611][T22557] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 929.062942][T22557] RIP: 0023:0xf7f14549 [ 929.067023][T22557] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 929.086624][T22557] RSP: 002b:00000000f550df20 EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 929.095049][T22557] RAX: ffffffffffffffda RBX: 00000000f550df7c RCX: 0000000020000100 [ 929.103012][T22557] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 00000000f550dfbc [ 929.110983][T22557] RBP: 00000000f550df7c R08: 0000000000000000 R09: 0000000000000000 [ 929.118946][T22557] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 929.126909][T22557] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 929.136188][T22557] Kernel Offset: disabled [ 929.140513][T22557] Rebooting in 86400 seconds..